Malware Analysis Report

2024-12-07 16:18

Sample ID 241113-yyh44a1rgl
Target inbox.png
SHA256 27410bc7be14c47eb58679632c4f683dcd90814191ad030fd254e4ff96646523
Tags
defense_evasion discovery evasion motw persistence phishing privilege_escalation trojan
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

27410bc7be14c47eb58679632c4f683dcd90814191ad030fd254e4ff96646523

Threat Level: Likely malicious

The file inbox.png was found to be: Likely malicious.

Malicious Activity Summary

defense_evasion discovery evasion motw persistence phishing privilege_escalation trojan

Downloads MZ/PE file

Event Triggered Execution: Image File Execution Options Injection

Event Triggered Execution: Component Object Model Hijacking

A potential corporate email address has been identified in the URL: httpswww.youtube.com@WeAreDevsExploitssubconfirmation1cbrd1

Executes dropped EXE

Loads dropped DLL

Legitimate hosting services abused for malware hosting/C2

Network Share Discovery

Mark of the Web detected: This indicates that the page was originally saved or cloned.

Enumerates connected drives

Checks installed software on the system

Checks whether UAC is enabled

Suspicious use of NtSetInformationThreadHideFromDebugger

Suspicious use of NtCreateThreadExHideFromDebugger

Checks system information in the registry

Subvert Trust Controls: Mark-of-the-Web Bypass

Drops file in Program Files directory

Drops file in Windows directory

System Network Configuration Discovery: Internet Connection Discovery

Browser Information Discovery

Enumerates physical storage devices

System Location Discovery: System Language Discovery

System policy modification

Suspicious use of FindShellTrayWindow

Checks SCSI registry key(s)

Modifies data under HKEY_USERS

NTFS ADS

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of UnmapMainImage

Suspicious use of WriteProcessMemory

Suspicious use of SetWindowsHookEx

Modifies registry class

Suspicious behavior: EnumeratesProcesses

Suspicious use of AdjustPrivilegeToken

Suspicious use of SendNotifyMessage

Uses Volume Shadow Copy service COM API

Modifies Internet Explorer settings

Enumerates system info in registry

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-11-13 20:11

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-11-13 20:11

Reported

2024-11-13 20:20

Platform

win11-20241007-en

Max time kernel

547s

Max time network

548s

Command Line

cmd /c C:\Users\Admin\AppData\Local\Temp\inbox.png

Signatures

Downloads MZ/PE file

Event Triggered Execution: Image File Execution Options Injection

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EUB052.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EUB052.tmp\MicrosoftEdgeUpdate.exe N/A

A potential corporate email address has been identified in the URL: httpswww.youtube.com@WeAreDevsExploitssubconfirmation1cbrd1

phishing

Event Triggered Execution: Component Object Model Hijacking

persistence privilege_escalation

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\MicrosoftEdge_X64_130.0.2849.80.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe N/A
N/A N/A C:\Program Files\JJSploit\JJSploit.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B64905F1-F1AD-466C-B587-339082DB7D18}\MicrosoftEdgeUpdateSetup_X86_1.3.195.35.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUB052.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A
N/A N/A C:\Windows\syswow64\MsiExec.exe N/A
N/A N/A C:\Program Files\JJSploit\JJSploit.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Checks installed software on the system

discovery

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Program Files\JJSploit\JJSploit.exe N/A

Enumerates connected drives

Description Indicator Process Target
File opened (read-only) \??\N: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\U: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\G: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\K: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\L: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\X: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\I: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\L: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\X: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Y: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\B: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\I: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\R: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\Z: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\B: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\E: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\M: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\P: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\W: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\Y: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\A: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\O: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\H: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\K: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\S: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\T: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\W: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\E: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\N: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\T: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\V: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\Q: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\R: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\A: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\J: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\S: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\H: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\M: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\P: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Q: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\U: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\J: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Z: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\O: C:\Windows\System32\msiexec.exe N/A
File opened (read-only) \??\G: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\V: C:\Windows\system32\msiexec.exe N/A

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A

Mark of the Web detected: This indicates that the page was originally saved or cloned.

phishing motw
Description Indicator Process Target
N/A https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html N/A N/A

Network Share Discovery

discovery

Checks system information in the registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EUB052.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EUB052.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Suspicious use of NtSetInformationThreadHideFromDebugger

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\R15Migrator\Icon_AdapterPaneTab.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\Settings\MenuBarAssets\MenuButtonSelected.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\Trust Protection Lists\Mu\Content C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\InGameMenu\TouchControls\move_area_landscape.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\LuaApp\graphic\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\LuaChat\icons\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.80\show_third_party_software_licenses.bat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\MaterialGenerator\Materials\DiamondPlate.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\VoiceChat\MicLight\Error.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\Controls\DesignSystem\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\Gamepad\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.80\Locales\ja.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\StudioToolbox\RoundedBorder.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\PlayerList\UnFriend.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\LuaChat\graphic\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.80\vccorlib140.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\InGameMenu\TouchControls\touch_action_rotate_camera.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\Controls\PlayStationController\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ViewSelector\left_hover.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_id.dll C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\particles\explosion01_core_main.dds C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\R15Migrator\Icon_DotDotDot.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\common\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\VoiceChat\RedSpeakerLight\Unmuted0.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\TopBar\moreOn.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\LuaApp\ExternalSite\guilded_white.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.80\Locales\en-GB.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\fonts\families\BuilderSans.json C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\DarkThemeLoadingCircle.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\LayeredClothingEditor\WorkspaceIcons\Cage Mode.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\Controls\command.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\InGameMenu\roblox_logo.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.80\mip_core.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.80\VisualElements\SmallLogoDev.png C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\VR\hoverPopupLeft.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\LuaChat\graphic\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\LuaChat\icons\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_mr.dll C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\models\AccessoryAdjustment\Ring.rbxm C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\LuaApp\graphic\playBtnBackground.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\LuaChat\graphic\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\LuaChatV2\actions_notificationOff.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\fonts\BuilderSans-Bold.otf C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\AnimationEditor\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\AnimationEditor\eventMarker_border.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\identity_proxy\win11\identity_helper.Sparse.Dev.msix C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.80\Locales\de.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\StartPage\CityImages.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\StudioToolbox\AssetPreview\star_stroke.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\TerrainTools\mt_sea_level.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\Emotes\TenFoot\SelectedGradient.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\Controls\DesignSystem\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\sounds\action_jump_land.mp3 C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\MaterialCursor.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\AvatarEditorImages\AvatarEditor_LightTheme.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\Controls\DesignSystem\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\Controls\DesignSystem\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\VoiceChat\Misc\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\ExtraContent\textures\ui\LuaChat\icons\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_sq.dll C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\PlatformContent\pc\textures\sky\sky512_rt.tex C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\content\textures\ui\MenuBar\icon_chat.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.80\msedgewebview2.exe.sig C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe N/A
File created C:\Windows\Installer\e5a7253.msi C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\SystemTemp\~DF9CCBB13E04A807A1.TMP C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-de-1901.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-de-1996.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-hy.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1083356494\Part-FR C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\a728abc2-c5e9-4dcd-8fa6-8c844608bccd.tmp C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe N/A
File created C:\Windows\Installer\SourceHash{ED32CE98-14F7-4B25-AD97-7F0034775067} C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\SystemTemp\~DF422F180B90752FBF.TMP C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-hu.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-lt.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_695356870\manifest.fingerprint C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1019815033\manifest.json C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-te.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1083356494\LICENSE C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-hr.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-und-ethi.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\Installer\inprogressinstallinfo.ipi C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-ga.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-mr.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_101514604\manifest.fingerprint C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1010676493\keys.json C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File opened for modification C:\Windows\SystemTemp\msedge_installer.log C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-hi.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-kn.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-fr.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-ta.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\manifest.fingerprint C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1083356494\Part-RU C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-et.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-ka.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1010676493\_metadata\verified_contents.json C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1083356494\Part-IT C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-nl.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-ru.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1083356494\Part-NL C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_695356870\manifest.json C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-af.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_2005554062\manifest.fingerprint C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_451859795\manifest.fingerprint C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-cu.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-es.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-eu.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_2005554062\crs.pb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_2005554062\ct_config.pb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1083356494\manifest.json C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\Installer\{ED32CE98-14F7-4B25-AD97-7F0034775067}\ProductIcon C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-cs.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-de-ch-1901.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-it.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-uk.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1010676493\LICENSE C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1083356494\manifest.fingerprint C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-da.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-en-us.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-gl.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1083356494\Filtering Rules-AA C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File opened for modification C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-pa.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-sv.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A

Subvert Trust Controls: Mark-of-the-Web Bypass

defense_evasion
Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Browser Information Discovery

discovery

Enumerates physical storage devices

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B64905F1-F1AD-466C-B587-339082DB7D18}\MicrosoftEdgeUpdateSetup_X86_1.3.195.35.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\syswow64\MsiExec.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\Temp\EUB052.tmp\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Checks SCSI registry key(s)

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters C:\Windows\system32\vssvc.exe N/A
Key queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters C:\Windows\system32\vssvc.exe N/A
Key created \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters\Partmgr C:\Windows\system32\vssvc.exe N/A
Set value (data) \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters\Partmgr\PartitionTableCache = 0000000004000000ab2f6650cf45871d0000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000c01200000000ffffffff000000002701010000080000ab2f66500000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d01200000000000020ed3a000000ffffffff000000000700010000680900ab2f6650000000000000d012000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f0ff3a0000000000000005000000ffffffff000000000700010000f87f1dab2f6650000000000000f0ff3a00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff000000000000000000000000ab2f665000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 C:\Windows\system32\vssvc.exe N/A
Set value (data) \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters\Partmgr\SnapshotDataCache = 534e41505041525401000000700000008ec7416a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 C:\Windows\system32\vssvc.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\27\52C64B7E\@%SystemRoot%\system32\dnsapi.dll,-103 = "Domain Name System (DNS) Server Trust" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\27\52C64B7E\@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124 = "Document Encryption" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\27\52C64B7E C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\26\52C64B7E C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26 C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133760024900558913" C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\ = "ICoCreateAsync" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ProxyStubClsid32\ = "{3316A154-AC5C-4126-9021-B201E9C33D7B}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\roblox C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{8F09CD6C-5964-4573-82E3-EBFF7702865B}\ProgID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachineFallback\ = "Google Update Policy Status Class" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\NumMethods\ = "8" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\NumMethods\ = "4" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ = "IRegistrationUpdateHook" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\ProxyStubClsid32\ = "{3316A154-AC5C-4126-9021-B201E9C33D7B}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ = "IJobObserver2" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-player C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\NumMethods\ = "26" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ProxyStubClsid32\ = "{3316A154-AC5C-4126-9021-B201E9C33D7B}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ProxyStubClsid32\ = "{3316A154-AC5C-4126-9021-B201E9C33D7B}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{3316A154-AC5C-4126-9021-B201E9C33D7B}\ = "PSFactoryBuffer" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{08D832B9-D2FD-481F-98CF-904D00DF63CC}\VersionIndependentProgID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreClass\CurVer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\ = "ServiceModule" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\NumMethods\ = "12" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\ = "ICredentialDialog" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\PROGID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\ = "IPolicyStatus" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9F3F5F5D-721A-4B19-9B5D-69F664C1A591}\ = "Google Update Policy Status Class" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\NumMethods\ = "9" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\roblox\ = "URL: Roblox Protocol" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\NumMethods\ = "4" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\ = "ServiceModule" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\NumMethods\ = "23" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F}\LocalizedString = "@C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.195.35\\msedgeupdate.dll,-3000" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3WebMachineFallback.1.0\ = "Microsoft Edge Update Update3Web" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\ProxyStubClsid32\ = "{3316A154-AC5C-4126-9021-B201E9C33D7B}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ = "IAppBundle" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\ = "ICurrentState" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassMachine\ = "Microsoft Edge Update Broker Class Factory" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 881681.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\JJSploit_8.10.12_x64_en-US.msi:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\fluxus-executor-fluxusofficial.com.apk:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 275708.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Windows\system32\msiexec.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUB052.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUB052.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\MicrosoftEdgeUpdate.exe N/A
Token: SeShutdownPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeSecurityPrivilege N/A C:\Windows\system32\msiexec.exe N/A
Token: SeCreateTokenPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeAssignPrimaryTokenPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeLockMemoryPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeMachineAccountPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeTcbPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeSecurityPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeLoadDriverPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeSystemProfilePrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeSystemtimePrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeProfSingleProcessPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeCreatePermanentPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeBackupPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeShutdownPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeAuditPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeSystemEnvironmentPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeChangeNotifyPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeRemoteShutdownPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeUndockPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeSyncAgentPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeEnableDelegationPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeManageVolumePrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeImpersonatePrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeCreateGlobalPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeCreateTokenPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeAssignPrimaryTokenPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeLockMemoryPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeIncreaseQuotaPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeMachineAccountPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeTcbPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeSecurityPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeLoadDriverPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeSystemProfilePrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeSystemtimePrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeProfSingleProcessPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeCreatePermanentPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeBackupPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeShutdownPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeAuditPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeSystemEnvironmentPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeChangeNotifyPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeRemoteShutdownPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeUndockPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeSyncAgentPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeEnableDelegationPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeManageVolumePrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeImpersonatePrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeCreateGlobalPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeCreateTokenPrivilege N/A C:\Windows\System32\msiexec.exe N/A
Token: SeAssignPrimaryTokenPrivilege N/A C:\Windows\System32\msiexec.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Windows\System32\msiexec.exe N/A
N/A N/A C:\Windows\System32\msiexec.exe N/A
N/A N/A C:\Program Files\JJSploit\JJSploit.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Windows\system32\OpenWith.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 5712 wrote to memory of 820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 3456 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 2592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 2592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 4296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 4296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 4296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 4296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 4296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 4296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 4296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 4296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 4296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 4296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 4296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 4296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 4296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 4296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 4296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 4296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 4296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 4296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 4296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5712 wrote to memory of 4296 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

System policy modification

evasion
Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\DataCollection C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe N/A

Uses Volume Shadow Copy service COM API

ransomware

Processes

C:\Windows\system32\cmd.exe

cmd /c C:\Users\Admin\AppData\Local\Temp\inbox.png

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff84d653cb8,0x7ff84d653cc8,0x7ff84d653cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1904 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2300 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2520 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4984 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5012 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3428 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3560 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3548 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5272 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4920 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5428 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4184 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5488 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=media.mojom.MediaService --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --service-sandbox-type=mf_cdm --mojo-platform-channel-handle=5788 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5732 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5716 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5728 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6048 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5284 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5868 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5160 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1760 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5572 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5580 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6464 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6224 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6828 /prefetch:8

C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe

"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"

C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MicrosoftEdgeWebview2Setup.exe /silent /install

C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QUIxMUNCNTItQ0IzMS00NzVELTlGOUYtM0VDMUVFQzA1Mzk1fSIgdXNlcmlkPSJ7N0EyMjUyRjUtMzVCNi00MTk5LTk3NTMtNEU3Qjc2RTNENUQ4fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9InsyQURBMkFGRi0wQ0Q4LTQ5QjItOUJDQS1GMTYzQTJGMDU0OEZ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSIiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE0My41NyIgbmV4dHZlcnNpb249IjEuMy4xNzEuMzkiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjU4NDYzMTc3MjMiIGluc3RhbGxfdGltZV9tcz0iNjI0Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{AB11CB52-CB31-475D-9F9F-3EC1EEC05395}" /silent

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QUIxMUNCNTItQ0IzMS00NzVELTlGOUYtM0VDMUVFQzA1Mzk1fSIgdXNlcmlkPSJ7N0EyMjUyRjUtMzVCNi00MTk5LTk3NTMtNEU3Qjc2RTNENUQ4fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntGNkQ1MEFCRi1GNDI1LTQwMDEtOTI3Mi04RjFEOUZBRkNGNUF9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSIiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTIzLjAuNjMxMi4xMjMiIG5leHR2ZXJzaW9uPSIxMjMuMC42MzEyLjEyMyIgbGFuZz0iZW4iIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjUiIHN5c3RlbV91cHRpbWVfdGlja3M9IjU4NTA3Nzc1MzEiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=6320 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6296 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6360 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1656 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2556 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\MicrosoftEdge_X64_130.0.2849.80.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\MicrosoftEdge_X64_130.0.2849.80.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\MicrosoftEdge_X64_130.0.2849.80.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=130.0.6723.117 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{5C272B12-A5AA-4164-8D2F-D92A2BE710F3}\EDGEMITMP_1F083.tmp\setup.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=130.0.2849.80 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff79738d730,0x7ff79738d73c,0x7ff79738d748

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7196 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7052 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7456 /prefetch:8

C:\Windows\System32\msiexec.exe

"C:\Windows\System32\msiexec.exe" /i "C:\Users\Admin\Downloads\JJSploit_8.10.12_x64_en-US.msi"

C:\Windows\system32\msiexec.exe

C:\Windows\system32\msiexec.exe /V

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2524 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5792 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7148 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7532 /prefetch:1

C:\Windows\syswow64\MsiExec.exe

C:\Windows\syswow64\MsiExec.exe -Embedding 4F82FC9ED51D5EB890B0449E5B16060D C

C:\Windows\system32\vssvc.exe

C:\Windows\system32\vssvc.exe

C:\Windows\system32\srtasks.exe

C:\Windows\system32\srtasks.exe ExecuteScopeRestorePoint /WaitForRestorePoint:2

C:\Program Files\JJSploit\JJSploit.exe

"C:\Program Files\JJSploit\JJSploit.exe"

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.12 --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --disable-features=msWebOOUI,msPdfOOUI,msSmartScreenProtection --lang=en-US --mojo-named-platform-channel-pipe=2108.612.3643993215898110269

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=130.0.6723.117 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=130.0.2849.80 --initial-client-data=0x160,0x164,0x168,0x13c,0x174,0x7ff83a6c4dc0,0x7ff83a6c4dcc,0x7ff83a6c4dd8

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe" --type=gpu-process --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.12 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=1740,i,13109628581683775085,4238248936706764818,262144 --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI --variations-seed-version --mojo-platform-channel-handle=1772 /prefetch:2

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.12 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=1792,i,13109628581683775085,4238248936706764818,262144 --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI --variations-seed-version --mojo-platform-channel-handle=1828 /prefetch:11

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.12 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=2252,i,13109628581683775085,4238248936706764818,262144 --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI --variations-seed-version --mojo-platform-channel-handle=2268 /prefetch:13

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe" --type=renderer --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.12 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3000,i,13109628581683775085,4238248936706764818,262144 --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI --variations-seed-version --mojo-platform-channel-handle=3016 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://mboost.me/a/P?altId=1yYyS3qNXxnxzviR

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff84d653cb8,0x7ff84d653cc8,0x7ff84d653cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6384 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1292 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6492 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7460 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QUIxMUNCNTItQ0IzMS00NzVELTlGOUYtM0VDMUVFQzA1Mzk1fSIgdXNlcmlkPSJ7N0EyMjUyRjUtMzVCNi00MTk5LTk3NTMtNEU3Qjc2RTNENUQ4fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9InsyOTU3NzY4Qi01QThELTRGOTMtODQ3Qi05NUVBOEU2NjkxQzR9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtWUFFvUDFGK2ZxMTV3UnpoMWtQTDRQTXBXaDhPUk1CNWl6dnJPQy9jaGpRPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIiIG5leHR2ZXJzaW9uPSIxMzAuMC4yODQ5LjgwIiBsYW5nPSIiIGJyYW5kPSIiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSI5IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI1ODY0OTA3NjQ2IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNTg2NTA1NzQ3NiIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjYxMDQ5MTA2MzYiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImJpdHMiIHVybD0iaHR0cDovL21zZWRnZS5mLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzI3Y2I3MjlkLWZmOTQtNGQzNC1hYWU0LTMzODVmYTA5YzQ0Yz9QMT0xNzMyMTMzNjEzJmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PUg1NlpPRzdHWFdNUGRRZCUyYktDZkQ1JTJmVzdWd3pzTWN4NXZjaTRHSGxIU1p6VHNlQ0U3WXd3bGtxWWxQMm1CdjVPZ25QR0tDWE5sNEJmZER6T2xPUGt4ZyUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE3NTA3NjkyMCIgdG90YWw9IjE3NTA3NjkyMCIgZG93bmxvYWRfdGltZV9tcz0iMTY0OTYiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI2MTA0OTYxNjMyIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNjEyMjU3NDk5MyIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjE5Njc1NyIgc3lzdGVtX3VwdGltZV90aWNrcz0iNjc0NTA1MDUxNSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9IjkzMyIgZG93bmxvYWRfdGltZV9tcz0iMjM5NzAiIGRvd25sb2FkZWQ9IjE3NTA3NjkyMCIgdG90YWw9IjE3NTA3NjkyMCIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjAiIGluc3RhbGxfdGltZV9tcz0iNjIyNDciLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe" -app -clientLaunchTimeEpochMs 0 -isInstallerLaunch 6072

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7248 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1292 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4592 /prefetch:1

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x00000000000004E4 0x00000000000004E0

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5552 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5988 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1728 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8056 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5496 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.12 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=4776,i,13109628581683775085,4238248936706764818,262144 --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI --variations-seed-version --mojo-platform-channel-handle=4796 /prefetch:14

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8076 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7832 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7928 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6548 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8348 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8248 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8644 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.12 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=4656,i,13109628581683775085,4238248936706764818,262144 --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI --variations-seed-version --mojo-platform-channel-handle=748 /prefetch:10

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.12 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=4796,i,13109628581683775085,4238248936706764818,262144 --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI --variations-seed-version --mojo-platform-channel-handle=4936 /prefetch:14

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9084 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8968 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.12 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=4956,i,13109628581683775085,4238248936706764818,262144 --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI --variations-seed-version --mojo-platform-channel-handle=5084 /prefetch:14

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8972 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.12 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=5108,i,13109628581683775085,4238248936706764818,262144 --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI --variations-seed-version --mojo-platform-channel-handle=5060 /prefetch:14

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8060 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8700 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9004 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7220 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.12 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=4996,i,13109628581683775085,4238248936706764818,262144 --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI --variations-seed-version --mojo-platform-channel-handle=4928 /prefetch:14

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.12 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=4920,i,13109628581683775085,4238248936706764818,262144 --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI --variations-seed-version --mojo-platform-channel-handle=5048 /prefetch:14

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.12 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=4832,i,13109628581683775085,4238248936706764818,262144 --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI --variations-seed-version --mojo-platform-channel-handle=4908 /prefetch:14

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.12 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=5072,i,13109628581683775085,4238248936706764818,262144 --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI --variations-seed-version --mojo-platform-channel-handle=4340 /prefetch:14

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9008 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7748 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8012 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6280 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8376 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://mboost.me/a/P?altId=1yYyS3qNXxnxzviR

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff84d653cb8,0x7ff84d653cc8,0x7ff84d653cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8432 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7252 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7900 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:kDxvS_3ijIhaksNmkvK-1Wxse0bbQFgizzomrIuCfXZ4UwMwE9NFXPEpPaitOl7QObYEyOozKvvjvj-6V3AYJeQwvg_egKRHEEzRO5amxvap7qKJCx9dUNuvkwNekH-eyhkPHncn7gEIp91Zvg0LDgpp1ed8MnNLaKI2_G2h6CkwOq_FnAKffh0xzd-6myKI0cwWGrCOuuSFJbbYuHUUqplk1OLchj5nT2-e2RuMoeQ+launchtime:1731528769664+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1731528712128001%26placeId%3D142823291%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3Df0266778-8c24-48ce-bef6-43a71b2c678f%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1731528712128001+robloxLocale:en_us+gameLocale:en_us+channel:zliveforbeta+LaunchExp:InApp

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8560 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B64905F1-F1AD-466C-B587-339082DB7D18}\MicrosoftEdgeUpdateSetup_X86_1.3.195.35.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{B64905F1-F1AD-466C-B587-339082DB7D18}\MicrosoftEdgeUpdateSetup_X86_1.3.195.35.exe" /update /sessionid "{E6BC0211-459C-4206-B7CD-D0D2A20E04AE}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RTZCQzAyMTEtNDU5Qy00MjA2LUI3Q0QtRDBEMkEyMEUwNEFFfSIgdXNlcmlkPSJ7N0EyMjUyRjUtMzVCNi00MTk5LTk3NTMtNEU3Qjc2RTNENUQ4fSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9Ins0OEU1OEQyNS01RDg1LTQzNEQtQUYwQy1BNTFDQTNFOTk0NTN9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtyNDUydDErazJUZ3EvSFh6anZGTkJSaG9wQldSOXNialh4cWVVREg5dVgwPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIxLjMuMTcxLjM5IiBuZXh0dmVyc2lvbj0iMS4zLjE5NS4zNSIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjAiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iMTIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjkzMzIwOTM0OTQiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTMzMjI0MzU2MSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMCIgZXJyb3Jjb2RlPSItMjE0NzAyMzgzOCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTM0OTM1MTc2MSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iZG8iIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzY4ZDU3N2EwLTFmNGEtNDM0Zi1iZGNlLTE0OGVkYzFlNGE0MD9QMT0xNzMyMTMzOTYwJmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PUtiSWJtVW1lWG1YZzIzdTFIRGR0MEh0WG16RFBib1AwWmZWOFRCSGZSOHV6cjlkNHZ3M01QYmFGb2xBb3VpSmpJbXplVzd5enQ0dXpPdlZzZlhyOVFBJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMCIgdG90YWw9IjAiIGRvd25sb2FkX3RpbWVfbXM9IjMiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTM0OTM2MzU3OCIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvNjhkNTc3YTAtMWY0YS00MzRmLWJkY2UtMTQ4ZWRjMWU0YTQwP1AxPTE3MzIxMzM5NjAmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9S2JJYm1VbWVYbVhnMjN1MUhEZHQwSHRYbXpEUGJvUDBaZlY4VEJIZlI4dXpyOWQ0dnczTVBiYUZvbEFvdWlKakltemVXN3l6dDR1ek92VnNmWHI5UUElM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxNjM1OTIwIiB0b3RhbD0iMTYzNTkyMCIgZG93bmxvYWRfdGltZV9tcz0iMTU2MyIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI5MzQ5MzkzNzU0IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjkzNTQ2ODM1MjMiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48cGluZyByPSItMSIgcmQ9Ii0xIi8-PC9hcHA-PGFwcCBhcHBpZD0iezU2RUIxOEY4LUIwMDgtNENCRC1CNkQyLThDOTdGRTdFOTA2Mn0iIHZlcnNpb249IjkwLjAuODE4LjY2IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGxhc3RfbGF1bmNoX3RpbWU9IjEzMzc2MDAyNzIwNzY3Mjc4MCI-PHVwZGF0ZWNoZWNrLz48cGluZyBhY3RpdmU9IjEiIGE9Ii0xIiByPSItMSIgYWQ9Ii0xIiByZD0iLTEiLz48L2FwcD48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iMTMwLjAuMjg0OS44MCIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiB1cGRhdGVfY291bnQ9IjEiIGxhc3RfbGF1bmNoX3RpbWU9IjEzMzc2MDAyNDg3Mzk2NDQwMCI-PHVwZGF0ZWNoZWNrLz48cGluZyBhY3RpdmU9IjEiIGE9Ii0xIiByPSItMSIgYWQ9Ii0xIiByZD0iLTEiIHBpbmdfZnJlc2huZXNzPSJ7Q0RFQzdCQjAtQkQ2Mi00QzhCLTkyN0UtRkZERUJCNDAzODhEfSIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\Temp\EUB052.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EUB052.tmp\MicrosoftEdgeUpdate.exe" /update /sessionid "{E6BC0211-459C-4206-B7CD-D0D2A20E04AE}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xOTUuMzUiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RTZCQzAyMTEtNDU5Qy00MjA2LUI3Q0QtRDBEMkEyMEUwNEFFfSIgdXNlcmlkPSJ7N0EyMjUyRjUtMzVCNi00MTk5LTk3NTMtNEU3Qjc2RTNENUQ4fSIgaW5zdGFsbHNvdXJjZT0ic2VsZnVwZGF0ZSIgcmVxdWVzdGlkPSJ7RkMzNTYzMTEtMURCQS00Mjc3LUFCMjQtOENFNDhFOEY0QUM4fSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4yMjAwMC40OTMiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE3MS4zOSIgbmV4dHZlcnNpb249IjEuMy4xOTUuMzUiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIwIiBpbnN0YWxsZGF0ZXRpbWU9IjE3MzE1Mjg4MDkiPjxldmVudCBldmVudHR5cGU9IjMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjkzNzIxMzM3MDIiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7800 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8448 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5212 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9156 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8520 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9252 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8172 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7552 /prefetch:8

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6552 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5580 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7112 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9016 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8536 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5580 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9372 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9108 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8048 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9348 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5580 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8400 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9836 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9820 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8996 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9300 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9760 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10216 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10308 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10448 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10592 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10728 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10872 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11016 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11172 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11336 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11040 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11912 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12596 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12476 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12896 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12908 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=121 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13236 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13380 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13144 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11104 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12556 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1796,12117994367931525842,2920992910741176292,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12744 /prefetch:1

Network

Country Destination Domain Proto
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
GB 88.221.135.11:443 www.bing.com tcp
GB 128.116.119.4:80 presence.roblox.com tcp
GB 128.116.119.4:80 presence.roblox.com tcp
GB 128.116.119.4:443 presence.roblox.com tcp
GB 2.18.190.78:443 static.rbxcdn.com tcp
FR 18.245.199.98:443 css.rbxcdn.com tcp
FR 18.245.199.98:443 css.rbxcdn.com tcp
FR 18.245.199.98:443 css.rbxcdn.com tcp
FR 18.245.199.98:443 css.rbxcdn.com tcp
FR 18.245.199.98:443 css.rbxcdn.com tcp
FR 18.245.199.98:443 css.rbxcdn.com tcp
GB 2.19.252.155:443 js.rbxcdn.com tcp
GB 2.19.252.155:443 js.rbxcdn.com tcp
GB 2.19.252.155:443 js.rbxcdn.com tcp
GB 2.19.252.155:443 js.rbxcdn.com tcp
GB 2.19.252.155:443 js.rbxcdn.com tcp
GB 2.19.252.155:443 js.rbxcdn.com tcp
GB 2.19.252.155:443 js.rbxcdn.com tcp
FR 3.164.163.59:80 crt.rootg2.amazontrust.com tcp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 155.252.19.2.in-addr.arpa udp
US 8.8.8.8:53 98.199.245.18.in-addr.arpa udp
US 8.8.8.8:53 59.163.164.3.in-addr.arpa udp
GB 128.116.119.3:443 roblox.com tcp
GB 128.116.119.4:443 privatemessages.roblox.com tcp
GB 128.116.119.4:443 privatemessages.roblox.com tcp
GB 104.77.118.82:443 apis.rbxcdn.com tcp
FR 18.245.199.98:443 css.rbxcdn.com tcp
FR 13.32.145.114:443 images.rbxcdn.com tcp
FR 13.32.145.114:443 images.rbxcdn.com tcp
FR 13.32.145.114:443 images.rbxcdn.com tcp
FR 13.32.145.114:443 images.rbxcdn.com tcp
FR 13.32.145.114:443 images.rbxcdn.com tcp
FR 13.32.145.114:443 images.rbxcdn.com tcp
FR 18.245.175.6:443 arkoselabs.roblox.com tcp
GB 128.116.119.4:443 privatemessages.roblox.com tcp
US 8.8.8.8:53 economy.roblox.com udp
US 8.8.8.8:53 trades.roblox.com udp
US 8.8.8.8:53 usermoderation.roblox.com udp
US 8.8.8.8:53 syd1-128-116-51-3.roblox.com udp
US 8.8.8.8:53 atl1-128-116-99-3.roblox.com udp
US 8.8.8.8:53 cdg1-128-116-122-3.roblox.com udp
US 8.8.8.8:53 tr.rbxcdn.com udp
DE 128.116.123.3:443 fra2-128-116-123-3.roblox.com tcp
SG 128.116.50.3:443 sin4-128-116-50-3.roblox.com tcp
US 128.116.115.3:443 sea1-128-116-115-3.roblox.com tcp
US 128.116.99.3:443 atl1-128-116-99-3.roblox.com tcp
AU 128.116.51.3:443 syd1-128-116-51-3.roblox.com tcp
US 128.116.45.3:443 mia4-128-116-45-3.roblox.com tcp
US 128.116.101.3:443 ord2-128-116-101-3.roblox.com tcp
FR 128.116.122.3:443 cdg1-128-116-122-3.roblox.com tcp
GB 128.116.119.3:443 silver.roblox.com tcp
GB 2.18.190.74:443 t7.rbxcdn.com tcp
US 128.116.115.3:443 sea1-128-116-115-3.roblox.com tcp
SG 128.116.50.3:443 sin4-128-116-50-3.roblox.com tcp
AU 128.116.51.3:443 syd1-128-116-51-3.roblox.com tcp
GB 88.221.135.1:443 th.bing.com tcp
GB 95.101.143.195:443 th.bing.com tcp
GB 95.101.143.195:443 th.bing.com tcp
GB 88.221.135.1:443 th.bing.com tcp
US 199.232.210.172:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
US 128.116.32.3:443 lga2-128-116-32-3.roblox.com tcp
DE 128.116.44.3:443 fra4-128-116-44-3.roblox.com tcp
US 128.116.127.3:443 mia2-128-116-127-3.roblox.com tcp
US 128.116.95.3:443 dfw2-128-116-95-3.roblox.com tcp
US 128.116.102.3:443 iad4-128-116-102-3.roblox.com tcp
SG 128.116.97.3:443 sin2-128-116-97-3.roblox.com tcp
FR 18.245.199.123:443 sc0aws.rbxcdn.com tcp
SG 128.116.97.3:443 sin2-128-116-97-3.roblox.com tcp
GB 128.116.119.4:443 followings.roblox.com tcp
GB 2.19.252.160:443 setup.rbxcdn.com tcp
N/A 127.0.0.1:50967 tcp
GB 128.116.119.4:443 followings.roblox.com tcp
GB 88.221.180.17:443 clientsettingscdn.roblox.com tcp
GB 2.19.252.160:443 setup.rbxcdn.com tcp
N/A 127.0.0.1:50972 tcp
GB 2.19.252.160:443 setup.rbxcdn.com tcp
GB 2.19.252.160:443 setup.rbxcdn.com tcp
N/A 127.0.0.1:50987 tcp
US 4.151.228.221:443 msedge.api.cdp.microsoft.com tcp
GB 2.18.190.81:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
US 172.67.155.126:80 jjsploit.net tcp
US 172.67.155.126:80 jjsploit.net tcp
US 172.67.155.126:443 jjsploit.net tcp
GB 216.58.212.238:443 fundingchoicesmessages.google.com tcp
GB 216.58.212.238:443 fundingchoicesmessages.google.com udp
GB 142.250.179.225:443 lh3.googleusercontent.com tcp
US 216.239.34.36:443 region1.google-analytics.com tcp
GB 142.250.179.226:443 ep1.adtrafficquality.google tcp
GB 142.250.187.193:443 ep2.adtrafficquality.google tcp
GB 142.250.187.193:443 ep2.adtrafficquality.google udp
GB 142.250.179.226:443 ep1.adtrafficquality.google udp
GB 142.250.178.1:443 tpc.googlesyndication.com tcp
GB 20.26.156.215:443 github.com tcp
US 185.199.108.133:443 raw.githubusercontent.com tcp
GB 142.250.178.1:443 tpc.googlesyndication.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 forum.wearedevs.net udp
US 8.8.8.8:53 forum.wearedevs.net udp
US 104.26.7.147:443 forum.wearedevs.net udp
US 104.26.7.147:443 forum.wearedevs.net tcp
US 104.26.7.147:443 forum.wearedevs.net tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.32.36:443 region1.google-analytics.com tcp
N/A 127.0.0.1:443 tcp
US 8.8.8.8:53 api.mboost.me udp
US 8.8.8.8:53 api.mboost.me udp
US 172.67.214.146:443 api.mboost.me udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:443 dns.google udp
US 104.21.67.56:443 api.mboost.me udp
US 172.67.214.146:443 api.mboost.me tcp
US 172.67.214.146:443 api.mboost.me tcp
US 216.239.34.36:443 region1.google-analytics.com udp
US 104.26.7.147:443 forum.wearedevs.net tcp
US 216.239.34.36:443 region1.google-analytics.com udp
GB 216.58.212.238:443 fundingchoicesmessages.google.com udp
GB 142.250.179.225:443 lh3.googleusercontent.com udp
GB 142.250.179.226:443 ep1.adtrafficquality.google udp
GB 142.250.187.193:443 ep2.adtrafficquality.google udp
GB 216.58.201.100:443 www.google.com tcp
GB 142.250.179.226:443 ep1.adtrafficquality.google udp
GB 142.250.200.14:443 www.youtube.com tcp
GB 142.250.200.14:443 www.youtube.com tcp
GB 142.250.179.238:443 www.youtube.com tcp
GB 216.58.201.100:443 www.google.com udp
GB 142.250.179.238:443 www.youtube.com udp
GB 216.58.213.22:443 i.ytimg.com tcp
BE 66.102.1.84:443 accounts.google.com tcp
BE 66.102.1.84:443 accounts.google.com udp
DE 172.217.133.198:443 rr1---sn-4g5edndk.googlevideo.com tcp
DE 172.217.133.198:443 rr1---sn-4g5edndk.googlevideo.com tcp
GB 142.250.200.14:443 www.youtube.com tcp
DE 172.217.133.198:443 rr1---sn-4g5edndk.googlevideo.com tcp
DE 172.217.133.198:443 rr1---sn-4g5edndk.googlevideo.com tcp
GB 216.58.213.22:443 i.ytimg.com udp
GB 216.58.201.97:443 yt3.googleusercontent.com udp
DE 172.217.133.198:443 rr1---sn-4g5edndk.googlevideo.com tcp
DE 172.217.133.198:443 rr1---sn-4g5edndk.googlevideo.com tcp
GB 172.217.16.238:443 play.google.com tcp
GB 172.217.16.238:443 play.google.com udp
GB 142.250.200.42:443 jnn-pa.googleapis.com tcp
GB 216.58.204.70:443 static.doubleclick.net tcp
GB 142.250.200.42:443 jnn-pa.googleapis.com udp
GB 172.217.16.238:443 play.google.com udp
GB 128.116.119.4:443 followings.roblox.com tcp
GB 128.116.119.4:443 followings.roblox.com tcp
N/A 127.0.0.1:52542 tcp
N/A 127.0.0.1:52546 tcp
US 8.8.8.8:443 dns.google udp
US 204.79.197.239:443 tcp
US 199.232.210.172:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
GB 142.250.180.3:443 ssl.gstatic.com tcp
GB 95.101.143.219:443 www.bing.com tcp
GB 88.221.135.25:443 th.bing.com tcp
GB 88.221.135.42:443 www.bing.com tcp
GB 88.221.135.42:443 www.bing.com tcp
GB 88.221.135.25:443 th.bing.com tcp
US 104.26.13.46:443 quackr.io tcp
US 104.26.13.46:443 quackr.io tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
GB 216.58.201.100:443 www.google.com udp
US 216.239.32.36:443 region1.google-analytics.com tcp
GB 173.194.76.157:443 stats.g.doubleclick.net tcp
GB 216.58.201.100:443 www.google.com tcp
GB 172.217.16.234:443 jnn-pa.googleapis.com tcp
GB 142.250.200.3:443 www.google.co.uk tcp
DK 157.240.200.14:443 connect.facebook.net tcp
GB 142.250.200.3:443 www.google.co.uk udp
GB 2.19.252.146:443 aefd.nelreports.net tcp
US 216.239.32.36:443 region1.google-analytics.com udp
BE 66.102.1.84:443 accounts.google.com udp
GB 88.221.135.25:443 th.bing.com tcp
US 172.66.40.143:443 receive-smss.com tcp
US 172.66.40.143:443 receive-smss.com tcp
US 172.66.40.143:443 receive-smss.com tcp
GB 172.217.16.234:443 jnn-pa.googleapis.com udp
US 104.18.10.207:443 stackpath.bootstrapcdn.com tcp
US 104.18.10.207:443 stackpath.bootstrapcdn.com tcp
GB 142.250.179.225:443 lh3.googleusercontent.com tcp
US 104.18.10.207:443 stackpath.bootstrapcdn.com tcp
US 104.18.10.207:443 stackpath.bootstrapcdn.com tcp
GB 173.194.76.157:443 stats.g.doubleclick.net udp
GB 216.58.212.238:443 fundingchoicesmessages.google.com udp
GB 142.250.179.225:443 lh3.googleusercontent.com udp
US 8.8.8.8:443 dns.google udp
US 8.8.8.8:443 dns.google udp
US 172.67.214.146:443 api.mboost.me udp
GB 142.250.179.226:443 ep1.adtrafficquality.google udp
GB 142.250.187.193:443 ep2.adtrafficquality.google udp
GB 216.58.201.100:443 www.google.com udp
GB 142.250.178.1:443 tpc.googlesyndication.com udp
GB 142.250.179.238:443 www.youtube.com tcp
GB 142.250.200.34:443 partner.googleadservices.com tcp
GB 142.250.179.225:443 lh3.googleusercontent.com udp
US 204.79.197.239:443 tcp
GB 142.250.179.227:443 p4-a2luscgsdk7f2-t2boodilsyfk2fsx-if-v6exp3-v4.metric.gstatic.com tcp
GB 142.250.179.226:443 ep1.adtrafficquality.google udp
GB 142.250.179.227:443 p4-a2luscgsdk7f2-t2boodilsyfk2fsx-if-v6exp3-v4.metric.gstatic.com udp
US 216.239.34.36:443 region1.google-analytics.com udp
GB 216.58.213.22:443 i.ytimg.com udp
FR 172.217.133.7:443 rr2---sn-hgn7rn7y.googlevideo.com tcp
FR 172.217.133.7:443 rr2---sn-hgn7rn7y.googlevideo.com tcp
FR 172.217.133.7:443 rr2---sn-hgn7rn7y.googlevideo.com tcp
FR 172.217.133.7:443 rr2---sn-hgn7rn7y.googlevideo.com tcp
FR 172.217.133.7:443 rr2---sn-hgn7rn7y.googlevideo.com tcp
FR 172.217.133.7:443 rr2---sn-hgn7rn7y.googlevideo.com tcp
GB 216.58.201.97:443 yt3.googleusercontent.com udp
GB 142.250.200.42:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 p4-a2luscgsdk7f2-t2boodilsyfk2fsx-818798-i2-v6exp3.v4.metric.gstatic.com udp
GB 142.250.200.50:443 p4-a2luscgsdk7f2-t2boodilsyfk2fsx-818798-i1-v6exp3.ds.metric.gstatic.com tcp
GB 216.58.204.82:443 p4-a2luscgsdk7f2-t2boodilsyfk2fsx-818798-i2-v6exp3.v4.metric.gstatic.com tcp
GB 142.250.200.50:443 p4-a2luscgsdk7f2-t2boodilsyfk2fsx-818798-i1-v6exp3.ds.metric.gstatic.com tcp
GB 216.58.204.82:443 p4-a2luscgsdk7f2-t2boodilsyfk2fsx-818798-i2-v6exp3.v4.metric.gstatic.com tcp
US 8.8.8.8:53 50.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 82.204.58.216.in-addr.arpa udp
US 172.67.214.146:443 api.mboost.me udp
US 204.79.197.239:443 tcp
GB 216.58.212.195:443 p4-a2luscgsdk7f2-t2boodilsyfk2fsx-818798-s1-v6exp3-v4.metric.gstatic.com tcp
US 216.239.34.36:443 region1.google-analytics.com udp
US 172.66.42.247:443 resources.infolinks.com tcp
GB 216.58.204.74:443 imasdk.googleapis.com tcp
GB 216.58.212.194:443 securepubads.g.doubleclick.net tcp
GB 216.58.201.100:443 www.google.com udp
BE 66.102.1.84:443 accounts.google.com udp
GB 216.58.212.238:443 fundingchoicesmessages.google.com udp
GB 216.58.212.238:443 fundingchoicesmessages.google.com tcp
GB 216.58.212.238:443 fundingchoicesmessages.google.com udp
GB 142.250.179.226:443 ep1.adtrafficquality.google udp
GB 142.250.187.193:443 ep2.adtrafficquality.google udp
GB 142.250.179.226:443 ep1.adtrafficquality.google udp
US 216.239.34.36:443 region1.google-analytics.com udp
GB 88.221.135.25:443 www.bing.com tcp
GB 88.221.135.25:443 www.bing.com tcp
GB 88.221.135.25:443 www.bing.com tcp
GB 88.221.135.25:443 www.bing.com tcp
GB 88.221.135.25:443 www.bing.com tcp
BE 66.102.1.84:443 accounts.google.com udp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 r.bing.com udp
GB 95.101.143.201:443 r.bing.com tcp
GB 88.221.135.34:443 r.bing.com tcp
GB 88.221.135.34:443 r.bing.com tcp
GB 95.101.143.201:443 r.bing.com tcp
US 8.8.8.8:53 bing.com udp
US 8.8.8.8:53 201.143.101.95.in-addr.arpa udp
US 8.8.8.8:53 34.135.221.88.in-addr.arpa udp
US 204.79.197.200:443 bing.com tcp
US 204.79.197.200:443 bing.com tcp
US 8.8.8.8:53 200.197.79.204.in-addr.arpa udp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 aefd.nelreports.net udp
GB 2.19.252.134:443 aefd.nelreports.net udp
NL 4.175.87.113:443 msedge.api.cdp.microsoft.com tcp
US 199.232.214.172:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
GB 95.101.143.201:443 th.bing.com tcp
US 52.167.30.171:443 fpt.microsoft.com tcp
US 8.8.8.8:53 fpt2.microsoft.com udp
US 172.67.142.26:443 fluxusofficial.com tcp
US 172.67.142.26:443 fluxusofficial.com tcp
US 172.67.142.26:443 fluxusofficial.com tcp
US 8.8.8.8:53 pin.it udp
GB 143.244.38.136:443 images.dmca.com tcp
US 13.107.246.64:443 www.clarity.ms tcp
US 216.239.34.36:443 region1.google-analytics.com udp
GB 142.250.179.226:443 ep1.adtrafficquality.google udp
US 4.227.249.197:443 u.clarity.ms tcp
IE 13.74.129.1:443 c.clarity.ms tcp
GB 142.250.187.193:443 ep2.adtrafficquality.google udp
US 204.79.197.237:443 c.bing.com tcp
US 204.79.197.237:443 c.bing.com tcp
GB 142.250.179.226:443 ep1.adtrafficquality.google udp
US 172.67.142.26:443 dl.fluxusofficial.com tcp
US 172.67.142.26:443 dl.fluxusofficial.com tcp
BE 66.102.1.84:443 accounts.google.com udp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 172.67.73.98:443 temp-mail.org tcp
US 172.67.73.98:443 temp-mail.org tcp
US 104.16.80.73:443 static.cloudflareinsights.com tcp
US 104.18.95.41:443 challenges.cloudflare.com tcp
US 104.18.95.41:443 challenges.cloudflare.com tcp
US 8.8.8.8:53 98.73.67.172.in-addr.arpa udp
US 8.8.8.8:53 73.80.16.104.in-addr.arpa udp
US 8.8.8.8:53 41.95.18.104.in-addr.arpa udp
GB 159.65.211.77:443 srv.buysellads.com tcp
US 172.66.43.196:443 cdn.paddle.com tcp
US 172.67.73.98:443 web2.temp-mail.org tcp
GB 159.65.211.77:443 srv.buysellads.com tcp
GB 216.58.212.194:443 securepubads.g.doubleclick.net udp
US 172.67.41.60:443 btloader.com tcp
FR 3.165.118.121:443 c.amazon-adsystem.com tcp
US 8.8.8.8:53 ad-delivery.net udp
US 104.26.3.70:443 ad-delivery.net tcp
US 104.26.3.70:443 ad-delivery.net tcp
US 216.239.34.36:443 region1.google-analytics.com udp
GB 142.250.200.34:443 ep1.adtrafficquality.google udp
FR 52.84.174.60:443 config.aps.amazon-adsystem.com tcp
US 130.211.23.194:443 api.btloader.com tcp
US 130.211.23.194:443 api.btloader.com tcp
GB 159.65.211.77:443 srv.buysellads.com tcp
GB 104.78.175.230:443 secure.cdn.fastclick.net tcp
US 8.8.8.8:53 onetag-sys.com udp
US 8.8.8.8:53 cdn.hadronid.net udp
US 8.8.8.8:53 rt.marphezis.com udp
US 8.8.8.8:53 script.4dex.io udp
US 8.8.8.8:53 prebid.media.net udp
US 8.8.8.8:53 fastlane.rubiconproject.com udp
US 8.8.8.8:53 mp.4dex.io udp
US 8.8.8.8:53 tlx.3lift.com udp
US 8.8.8.8:53 exchange.cootlogix.com udp
US 8.8.8.8:53 pbjs.e-planning.net udp
US 8.8.8.8:53 bidder.criteo.com udp
US 8.8.8.8:53 hb-api.omnitagjs.com udp
US 8.8.8.8:53 ib.adnxs.com udp
US 8.8.8.8:53 prg.smartadserver.com udp
US 8.8.8.8:53 hbopenbid.pubmatic.com udp
US 8.8.8.8:53 ex.ingage.tech udp
US 8.8.8.8:53 hb.yellowblue.io udp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
DE 51.89.9.251:443 onetag-sys.com tcp
US 104.22.52.173:443 cdn.hadronid.net tcp
US 104.22.53.86:443 cdn.id5-sync.com tcp
FR 18.155.129.39:443 tags.crwdcntrl.net tcp
US 34.120.63.153:443 prebid.media.net tcp
US 104.18.34.178:443 mp.4dex.io tcp
US 178.128.135.33:443 exchange.cootlogix.com tcp
US 178.128.135.33:443 exchange.cootlogix.com tcp
US 178.128.135.33:443 exchange.cootlogix.com tcp
US 178.128.135.33:443 exchange.cootlogix.com tcp
US 178.128.135.33:443 exchange.cootlogix.com tcp
US 178.128.135.33:443 exchange.cootlogix.com tcp
NL 188.166.203.175:443 rt.marphezis.com tcp
DE 37.252.173.215:443 ib.adnxs.com tcp
FR 185.255.84.150:443 hb-api.omnitagjs.com tcp
US 104.26.8.169:443 script.4dex.io tcp
NL 193.3.178.4:443 pbjs.e-planning.net tcp
NL 185.64.189.112:443 hbopenbid.pubmatic.com tcp
FR 217.182.178.224:443 prg.smartadserver.com tcp
FR 217.182.178.224:443 prg.smartadserver.com tcp
FR 217.182.178.224:443 prg.smartadserver.com tcp
FR 217.182.178.224:443 prg.smartadserver.com tcp
FR 217.182.178.224:443 prg.smartadserver.com tcp
FR 217.182.178.224:443 prg.smartadserver.com tcp
US 172.64.146.150:443 ex.ingage.tech tcp
FR 18.244.28.86:443 hb.yellowblue.io tcp
NL 178.250.1.56:443 bidder.criteo.com tcp
DE 3.124.64.248:443 tlx.3lift.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
FR 18.245.175.156:443 aax.amazon-adsystem.com tcp
US 35.241.34.106:443 c.4dex.io tcp
US 35.241.34.106:443 c.4dex.io tcp
US 35.241.34.106:443 c.4dex.io tcp
US 35.241.34.106:443 c.4dex.io tcp
US 35.241.34.106:443 c.4dex.io tcp
US 35.241.34.106:443 c.4dex.io tcp
US 172.64.146.150:443 ex.ingage.tech tcp
US 104.26.8.169:443 script.4dex.io tcp
US 172.67.23.234:443 id.hadron.ad.gt tcp
US 104.18.22.145:443 cadmus.script.ac tcp
US 172.67.23.234:443 id.hadron.ad.gt tcp
GB 142.250.200.34:443 ep1.adtrafficquality.google udp
GB 142.250.187.193:443 ep2.adtrafficquality.google udp
DE 162.19.138.117:443 lb.eu-1-id5-sync.com tcp
DE 162.19.138.118:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 150.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 4.178.3.193.in-addr.arpa udp
US 8.8.8.8:53 224.178.182.217.in-addr.arpa udp
US 8.8.8.8:53 112.189.64.185.in-addr.arpa udp
US 8.8.8.8:53 215.173.252.37.in-addr.arpa udp
US 8.8.8.8:53 86.28.244.18.in-addr.arpa udp
US 8.8.8.8:53 56.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 139.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 156.175.245.18.in-addr.arpa udp
US 8.8.8.8:53 248.64.124.3.in-addr.arpa udp
US 8.8.8.8:53 33.135.128.178.in-addr.arpa udp
US 8.8.8.8:53 106.34.241.35.in-addr.arpa udp
US 8.8.8.8:53 145.22.18.104.in-addr.arpa udp
US 8.8.8.8:53 117.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 118.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 9143e91fc55148df2fac1ea55688c6cb.safeframe.googlesyndication.com udp
GB 142.250.200.1:443 9143e91fc55148df2fac1ea55688c6cb.safeframe.googlesyndication.com tcp
US 35.241.34.106:443 c.4dex.io udp
NL 178.250.1.3:443 static.criteo.net tcp
GB 142.250.178.1:443 tpc.googlesyndication.com udp
GB 142.250.178.1:443 tpc.googlesyndication.com tcp
NL 178.250.1.11:443 gum.criteo.com tcp
US 172.67.23.234:443 id.hadron.ad.gt tcp
GB 142.250.200.34:443 ep1.adtrafficquality.google udp
FR 185.235.86.160:443 ag.gbc.criteo.com tcp
NL 178.250.1.25:443 csm.nl3.eu.criteo.net tcp
NL 178.250.1.25:443 csm.nl3.eu.criteo.net tcp
NL 178.250.1.25:443 csm.nl3.eu.criteo.net tcp
NL 178.250.1.25:443 csm.nl3.eu.criteo.net tcp
FR 185.235.86.49:443 gem.gbc.criteo.com tcp
NL 178.250.1.11:443 gum.criteo.com tcp
US 8.8.8.8:53 eb2.3lift.com udp
US 8.8.8.8:53 acdn.adnxs.com udp
US 8.8.8.8:53 prebid.a-mo.net udp
DE 51.89.9.251:443 onetag-sys.com udp
FR 185.255.84.152:443 visitor.omnitagjs.com tcp
US 8.8.8.8:53 sync.adkernel.com udp
US 34.195.202.207:443 cs.ingage.tech tcp
US 34.195.202.207:443 cs.ingage.tech tcp
US 34.195.202.207:443 cs.ingage.tech tcp
GB 104.77.118.82:443 hb.trustedstack.com tcp
NL 103.67.200.72:443 sync.adkernel.com tcp
FR 163.5.194.35:443 prebid.a-mo.net tcp
US 151.101.129.108:443 acdn.adnxs.com tcp
US 35.244.159.8:443 u.openx.net tcp
GB 2.18.108.192:443 ads.pubmatic.com tcp
GB 2.18.108.192:443 ads.pubmatic.com tcp
GB 95.100.244.20:443 contextual.media.net tcp
IE 34.249.87.237:443 ap.lijit.com tcp
US 69.55.55.219:443 sync.cootlogix.com tcp
GB 95.100.245.251:443 eus.rubiconproject.com tcp
US 76.223.111.18:443 eb2.3lift.com tcp
US 34.195.202.207:443 cs.ingage.tech tcp
US 34.195.202.207:443 cs.ingage.tech tcp
FR 3.165.113.91:443 eu-west-1-cs-rtb.openwebmp.com tcp
US 104.18.6.198:443 gum.aidemsrv.com tcp
DE 18.184.206.66:443 match.sharethrough.com tcp
GB 23.215.239.190:443 secure-assets.rubiconproject.com tcp
GB 23.215.239.190:443 secure-assets.rubiconproject.com tcp
NL 69.173.156.149:443 token.rubiconproject.com tcp
US 67.202.105.24:443 ssc-cms.33across.com tcp
DE 18.184.206.66:443 match.sharethrough.com tcp
US 107.22.211.243:443 cs-server-s2s.yellowblue.io tcp
US 8.8.8.8:53 237.87.249.34.in-addr.arpa udp
US 8.8.8.8:53 207.202.195.34.in-addr.arpa udp
US 8.8.8.8:53 219.55.55.69.in-addr.arpa udp
US 8.8.8.8:53 91.113.165.3.in-addr.arpa udp
US 8.8.8.8:53 198.6.18.104.in-addr.arpa udp
US 8.8.8.8:53 190.239.215.23.in-addr.arpa udp
GB 2.18.190.80:443 player.aniview.com tcp
NL 69.173.156.149:443 token.rubiconproject.com tcp
FR 5.196.111.68:443 ssbsync.smartadserver.com tcp
NL 185.184.8.90:443 creativecdn.com tcp
DE 148.251.40.113:443 sync.richaudience.com tcp
US 8.2.108.175:443 bc-sync.com tcp
US 54.83.39.146:443 api-2-0.spot.im tcp
US 3.33.220.150:443 match.adsrvr.org tcp
NL 46.228.174.117:443 sync.1rx.io tcp
US 64.202.112.255:443 b1sync.zemanta.com tcp
NL 35.214.149.211:443 csync.loopme.me tcp
NL 198.47.127.18:443 image8.pubmatic.com tcp
NL 35.214.136.108:443 x.bidswitch.net tcp
US 8.2.108.175:443 bc-sync.com tcp
US 64.202.112.255:443 b1sync.zemanta.com tcp
US 52.55.55.106:443 sync.srv.stackadapt.com tcp
IE 54.171.224.40:443 jadserve.postrelease.com tcp
US 204.62.12.209:443 sync-service.net tcp
US 192.132.33.67:443 bttrack.com tcp
US 35.244.174.68:443 id.rlcdn.com tcp
US 172.240.45.96:443 sync.aniview.com tcp
US 204.62.12.209:443 sync-service.net tcp
US 8.8.8.8:53 113.40.251.148.in-addr.arpa udp
US 8.8.8.8:53 211.149.214.35.in-addr.arpa udp
US 8.8.8.8:53 18.127.47.198.in-addr.arpa udp
US 8.8.8.8:53 146.39.83.54.in-addr.arpa udp
US 8.8.8.8:53 255.112.202.64.in-addr.arpa udp
US 8.8.8.8:53 108.136.214.35.in-addr.arpa udp
US 8.8.8.8:53 40.224.171.54.in-addr.arpa udp
US 8.8.8.8:53 106.55.55.52.in-addr.arpa udp
US 8.8.8.8:53 68.174.244.35.in-addr.arpa udp
US 8.8.8.8:53 67.33.132.192.in-addr.arpa udp
US 8.8.8.8:53 96.45.240.172.in-addr.arpa udp
US 8.8.8.8:53 pixel-sync.sitescout.com udp
NL 35.214.136.108:443 x.bidswitch.net udp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
GB 172.217.16.238:443 play.google.com udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 051a939f60dced99602add88b5b71f58
SHA1 a71acd61be911ff6ff7e5a9e5965597c8c7c0765
SHA256 2cff121889a0a77f49cdc4564bdd1320cf588c9dcd36012dbc3669cf73015d10
SHA512 a9c72ed43b895089a9e036aba6da96213fedd2f05f0a69ae8d1fa07851ac8263e58af86c7103ce4b4f9cfe92f9c9d0a46085c066a54ce825ef53505fdb988d1f

\??\pipe\LOCAL\crashpad_5712_GASHLDKCAJWADTPM

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 003b92b33b2eb97e6c1a0929121829b8
SHA1 6f18e96c7a2e07fb5a80acb3c9916748fd48827a
SHA256 8001f251d5932a62bfe17b0ba3686ce255ecf9adb95a06ecb954faa096be3e54
SHA512 18005c6c07475e6dd1ec310fe511353381cf0f15d086cf20dc6ed8825c872944185c767f80306e56fec9380804933aa37a8f12c720398b4b3b42cb216b41cf77

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 bda64c2aa3f447c45c290cc8b9c0ffe5
SHA1 d313bd06a61fd12c52f371e238fc5f2742159d72
SHA256 aaec314ebf4991c6198dba24323fb14ad231f4c1ca43c1b528c75ad6376668bf
SHA512 2d3f5b13acf9a90bec3743d2479a2bdf90e0721372f59410c8264e3c08f3a36d449403b7d4cdd61d6c40cc99490141771625594080135892315e0eef5a694b06

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 96444323a4181fa7bb1a15b81eab7096
SHA1 6a5209eab9367eabafcac5ce478c2980bb7ccce5
SHA256 7b85a7f6d9df9052205ec0a2a69ea1c0659ab686ef05d2cb63f91d0975229370
SHA512 11e2272a40c389dc59a5f316eda88e6d15c0adceca20002c14480c7fa315d0833866ae0e502c856c2d7522c9d3be6db08029effbecea735197a683c939aafc8f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 c146cd7340cde8c835ab9941005a264b
SHA1 3c4a19dca7ec0bd66d0241e37472bf9d2a9f9986
SHA256 2334cd40d3bc9300a454af88d566428696a41abc2ded7e4bd67818d02602d9e7
SHA512 c35557eb0a0e7f8233b054ce36ccfa2ab6078e3079bb34be5839934844973da74d3e70d6d91e7e58b9477a0302dd90d31bc57d559ccdf6375c4a5f40fd271660

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 bcffd46f40e1de5a3021b97369217386
SHA1 3fd8905eebc888c494232d1a4022d3c52c0db33b
SHA256 08f646bdbf1ecf56d4f01d73f92ddd0089934813b6d03145f6046988469719d9
SHA512 6e5e15d325b3287b56005bb81129533d5ee56e675cbcc874edcbc50bd68c94f78f34b86079fffb13758cb9920ed6c6973d685f0ef04ca23a8ee8bae948070de6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 d846163cf11e9c9225bee06b70942123
SHA1 5b65ef1e22d628a637f57696315d6c23fb2e0ec2
SHA256 6db55ad0b152c496e5ec38ef7a4de9dce8aea791ad415a967f5aca862c08df70
SHA512 5dc12ce618f4c5a5e15353062c175bed479bb73ca598f33db41aabc12db1d6f3e9b2f8da77017cd0a490d104a4bc9a1a3c7ab8d37c5bdab4f644eafd711e5c6a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 371f10b77cdd6f75ab1ba4db62b3ac62
SHA1 c58a5c1fa64ce665b63dc57762e760995b4e9f91
SHA256 0429604462d428720f1db1d9f832c5a33e1ddeb6cf7f9cccb36a343787d6eb32
SHA512 dd5d2d81e9b1e57ca0582639591c90586e074905eaa6f18934a90d9cd220f44431c849a27a28b6b6b9f57fd2f48fd4082d54336fdf23cfa3bb8243e13b8dd627

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5824d9.TMP

MD5 f2c321217c62ac32a2f4586bc27fd022
SHA1 476fbfa2ee3a52b9b0ea1fdfca77aa87ec48da22
SHA256 299a7f906ed621cfa6cfef4c73fe94f042921506f4a385bc12dbbc880e092388
SHA512 48a07759b3186cda2568496d40abe334179808532c6da229a7e57c61682e9106ec8b150f7fdffe6e52cd62d2a982643e70cf834622ee99443dcc2b22949e9c5a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 46908b16a1d5cecab52d19370064f415
SHA1 4d3846e9a8933a56facfe29610f74fdf44143343
SHA256 27592b6400f10c0a24f62fb501603e18710e8e091ca18b5023610253ce526539
SHA512 835f2ae66f0e42213ba89150dceb04ccecbb2fc173b4f27b1a0fe8ed3d19791927fdd22984b136b60b307dc27ffbdc0dd4bcbc79cf970b5ea37c203970c40a43

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 169a89e3e75c292699cf32eed48f19d3
SHA1 a952a8f4b17109d31172512b933c265b8b6f638d
SHA256 9ad53b9842885f033796e7bfdbc1ffa8bb12e98626c78e6e3c1486d5249c40c1
SHA512 352808c81d6defe617dd1b6446409770f72aa22f15e1350c7adb16ee6b9b0d1f20f06b4ec33734a4d2f9dfadd42679839e574ed89793a82cf65badaa2758c8d0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 eee34598626a6b97022e4fbdde0637d8
SHA1 dfa130caf6e3c32cc039f7999a3f32f87c64e3f9
SHA256 8d258616c4205d8ab412f3395b4a3cafbf7f04cae3ea4ec0f62961341ff4aeed
SHA512 3055d7c6c2917d0ebf8a7aaf49154602b4d964fdfbff3af76d770aea61f1f324b526b24cc10cd60e7309351dff59bbf0249ced047d7e99d126576b5333506fba

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c9aee405415ff6822a83560491ea0e04
SHA1 53d0d4ef0ecdb0128270f2aa800285aa8bd09931
SHA256 93595392e2dabfb3da9d097bd00600d1a7f57943414102a9c51ce5a68655ae84
SHA512 f573fdb631f6c2d6dd11588c59934457a4cf392fe8d9d9ac2dab223176dba49fef83c8a63c3617d9037679ba5450257812d5e44dc38fda10a450532a5575c007

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 250b7f0cd262884ae582010a340e97c9
SHA1 d19cb0ee9ef8dc4ebc074300ea56b07173a39836
SHA256 2e70debc88778e521f53f0a2d52244038e5242e6ad3a9f2642f415fa9d4369e8
SHA512 2cdd09e1b0fecb46807cc29be95866175b5a58e93f9510b519693d2254891b1e7ee9810ca5cd953911464401600a36292db82e5517ae6fa5aaee280699401c56

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

MD5 bfd9031786ea04b64b5a183d5207527e
SHA1 cb9485e6f785315c3f8cbd9ccc0b210d20167668
SHA256 33664a2bb1dd0a28cf0323960a2233024d3a5cb0c103b786ec17334b3b982292
SHA512 5c8bc93e404b254281d06c8f2ebcb53e7fd25f7971741a142d532731a2246ff7b69ca9e5defac075eedc87f9bc4f0990873b155d3c6ea50b534f36908b2be379

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old

MD5 8a488b37cbe4a4f4b4b26de55c3eeb55
SHA1 9fefbc8936a5ecc60d50389f2a38d876e3638ea7
SHA256 7ece8f0de043806a95c9bc665d6f2a3a6317779b0c3fa02cd5abb71d53edbcde
SHA512 ae7a867bd8a2f3d8af6aa4dc4aea7f489362b6dbcc2ded7df0cce20624b59fe69371ecd47925056b5ee6f1ecde5643f7fab7c99391eaf1508540692b4042bdbf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old~RFe58a96a.TMP

MD5 b52868939cd3f10dda5ce90659e15ba5
SHA1 640436d0c35957cf57409d55bff1d16e80b1bcab
SHA256 186f0646a3e613422c0a06b8f0f26bd3b6dc7b02819601a90223f974b29d7156
SHA512 94fbeaabb16ebc4b551e5a4bd24c36833f32a9b8e8f445f8c1e4df13ac378d163676012e6031a3f67908c489cb0314c3d1d496ce76150d3fe9a72da997b1cdf7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ca

MD5 588ee33c26fe83cb97ca65e3c66b2e87
SHA1 842429b803132c3e7827af42fe4dc7a66e736b37
SHA256 bbc4044fe46acd7ab69d8a4e3db46e7e3ca713b05fa8ecb096ebe9e133bba760
SHA512 6f7500b12fc7a9f57c00711af2bc8a7c62973f9a8e37012b88a0726d06063add02077420bc280e7163302d5f3a005ac8796aee97042c40954144d84c26adbd04

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 fe69444069ad605c5e7b6e6b6154a2f8
SHA1 9e842581b8d496455dbaa9566136a7cff29732d5
SHA256 86fc87e36c807c1bff220fca62fa50205812f1af00fc80c75acd9de4b3bc4d7c
SHA512 749e045e9c1827628fafb2a38cb33104b8e472fd730b6843d910f3104ce17b2bb734b5a6fad4e77e2477d8c95f4f685c702554ddaf51539420878d08cc527261

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 32887dcc68b846219a391bf149699d87
SHA1 fa3e92f940e0d7b3e68ac956558f12703adcc31e
SHA256 640a41ffcc635393ec12a22beb8c0c1ff20501bca7affd68b3f207872223df84
SHA512 c44a1fde2d4bc3134a17ba283f4cb35fe10b5b5b36e0d3ea57493e532553db9a20f5e90c279dc482dc8aa3c011c66aa2bc350686b2d24de9b649072f25f618e8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 2703795398072a0b4dc616771d1591c7
SHA1 585201e4ee2ffee7224b18a85fe60b204d319538
SHA256 1b957fbad3f1a1805afd585933986b9a8c1228ecb6eac1375fbce488090ac1de
SHA512 c9617376167e862b4e65f322d67932d0335139c49c694c748cd03ca64d35828ac8d65a6d8a94c4cf16d0a9b3b17fc3cacfb83df5d7bfc4f09a48d615f16fe06b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 142c0a453b5da2636d27e0d51cdc9318
SHA1 af84c800c0beb7ad1299300a72d0d9af6191b4a9
SHA256 df356b2634fd8e30e0649fe37f2348d1ba337c235e74039e134caa14b1d2bf35
SHA512 4045b411df00f78c8a16bdc797d40643bd8c624f07b643b5390b472bf87469e05e0b65559c2a9c3411c038f3432a691b32eeffb37e8446056c4c3ff62548fa98

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 8594f66dbf20dc692e41b755e2ae8769
SHA1 6722253fdace8e7622150c3e7f35075965de5876
SHA256 b086659dc13d65d48d932b4c6aef09d212e3970158b281a04acf635f11b9c8f7
SHA512 a84c40e4693438b53d4aa43d4af0204bf085a6337c60daa47701c862bb9754de18332ae0e7d4c3abb2950e3847955ef355945c70cf374be5e78a0a46eb3fe75a

C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe:Zone.Identifier

MD5 fbccf14d504b7b2dbcb5a5bda75bd93b
SHA1 d59fc84cdd5217c6cf74785703655f78da6b582b
SHA256 eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913
SHA512 aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe

MD5 da5705f4ae30d837139cb7380d941e1b
SHA1 08ae6cb9b2703df17b2bf554586a36f4b73502a6
SHA256 9f205a55a45a2a45d2ebb98afb21499b191a4b2e26f4311568d0337b32faa1ca
SHA512 f3042947d05222aff5facc14ac6123380d502435e98608dc6d053848997cdd0fb22b121a381e67df893c15ae14ed836a58fca5898540ea5dfb0a0da32ed8dbef

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 c3f7959a379f01c470aa455b4d397547
SHA1 560e1d2a134cb2756934c97004f289854225b8be
SHA256 06bb65321e33ffb571ac47972db5913502c5e9ced3b993ede7717edc91b20989
SHA512 3c900036259ff330a8c8dd77f7b7c7f7aeec0b6d858d597aece1236aa01218df893fc9d097d1a51d2720a02381d7c15f51919bfd9822f0cccc0210205964d46b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 07fcfc831059346a54389f2ac9ae476f
SHA1 66a1c20fe7a0427003c036f8f929d583505919d4
SHA256 a879069daffb2cca8e67f6fb116141e7c59ccd77d4355b7fc8f6e21c99c6b68c
SHA512 2c609bd179d09b7c38077883fd84ec7c9c0946bc7deaef5260f5c06157f54811413ea33fcd51358fbf0a8c907e9c4c5408d693c98a2440f0f4f3463680649ff8

C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe

MD5 b68e7f7ae52ef8e962723c7ddda4f75d
SHA1 686bdf2057cdd7b16877fb5eec0aff150fa074d0
SHA256 d779b2acc52b4b3e72c1461dbc7e950f0b650e924b3799db425942f64624e94d
SHA512 cb0ecf531c95d657019b0188e648520b36b8386516d2e640239d99972ae44439d21ec6fcbe7902fc59c6f65db3571db0944e48f2207a442f3be5d10c9655bbb1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 1bb7cbdf07397c8d81864e507966527e
SHA1 418ce22fe39e826ce8e89bdb90e7a35e2acf99cc
SHA256 7949db0d9ffd4f258d54d0909f18ab18c059a6f3c99cce95da7801059a33d011
SHA512 7a6899b84f40488e68b27b8d923ddefb605bb1ecda09094f004fe814347c4f1c06f8656173e0dca38d2d36f2624a12a73e03f96528ba9d279217c1f0ae10ce28

C:\Users\Admin\AppData\Local\Roblox\Downloads\roblox-player\7f3632afdee7118812dd116069729b41

MD5 7f3632afdee7118812dd116069729b41
SHA1 ed116033aff765c3eb24c3059aff6c6fb0be0c0c
SHA256 6c98e86a6d732761ef8b8b2df2646f55190657e02201ec8ab8b9137345154c5a
SHA512 44948874e9d243c234882ab1db269fd729f57ad5fb36a3b22428e0d78a9fe5a05366ed2eb97d0331caa0ef1b622528130344016e13f809b266dc1bdc10ebf9ed

C:\Program Files (x86)\Roblox\Versions\version-b7eebc919e96477a\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MD5 610b1b60dc8729bad759c92f82ee2804
SHA1 9992b7ae7a9c4e17a0a6d58ffd91b14cbb576552
SHA256 921d51979f3416ca19dca13a057f6fd3b09d8741f3576cad444eb95af87ebe08
SHA512 0614c4e421ccd5f4475a690ba46aac5bbb7d15caea66e2961895724e07e1ec7ee09589ca9394f6b2bcfb2160b17ac53798d3cf40fb207b6e4c6381c8f81ab6b4

C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\MicrosoftEdgeUpdate.exe

MD5 4dc57ab56e37cd05e81f0d8aaafc5179
SHA1 494a90728d7680f979b0ad87f09b5b58f16d1cd5
SHA256 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718
SHA512 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b

C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdate.dll

MD5 965b3af7886e7bf6584488658c050ca2
SHA1 72daabdde7cd500c483d0eeecb1bd19708f8e4a5
SHA256 d80c512d99765586e02323a2e18694965eafb903e9bc13f0e0b4265f86b21a19
SHA512 1c57dc7b89e7f13f21eaec7736b724cd864c443a2f09829308a4f23cb03e9a5f2a1e5bcdc441301e33119767e656a95d0f9ede0e5114bf67f5dce6e55de7b0a4

C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_en.dll

MD5 4a1e3cf488e998ef4d22ac25ccc520a5
SHA1 dc568a6e3c9465474ef0d761581c733b3371b1cd
SHA256 9afbbe2a591250b80499f0bf02715f02dbcd5a80088e129b1f670f1a3167a011
SHA512 ce3bffb6568ff2ef83ef7c89fd668f6b5972f1484ce3fbd5597dcac0eaec851d5705ed17a5280dd08cd9812d6faec58a5561217b897c9209566545db2f3e1245

C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\MicrosoftEdgeUpdateCore.exe

MD5 c044dcfa4d518df8fc9d4a161d49cece
SHA1 91bd4e933b22c010454fd6d3e3b042ab6e8b2149
SHA256 9f79fe09f57002ca07ae0b2a196e8cc002d2be6d5540ee857217e99b33fa4bb2
SHA512 f26b89085aa22ac62a28610689e81b4dfe3c38a9015ec56dfeaff02fdb6fa64e784b86a961509b52ad968400faa1ef0487f29f07a41e37239fe4c3262a11ac2c

C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe

MD5 60dba9b06b56e58f5aea1a4149c743d2
SHA1 a7e456acf64dd99ca30259cf45b88cf2515a69b3
SHA256 4d01f5531f93ab2af9e92c4f998a145c94f36688c3793845d528c8675697e112
SHA512 e98088a368d4c4468e325a1d62bee49661f597e5c1cd1fe2dabad3911b8ac07e1cc4909e7324cb4ab39f30fa32a34807685fcfba767f88884ef84ca69a0049e7

C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\MicrosoftEdgeComRegisterShellARM64.exe

MD5 7a160c6016922713345454265807f08d
SHA1 e36ee184edd449252eb2dfd3016d5b0d2edad3c6
SHA256 35a14bd84e74dd6d8e2683470243fb1bb9071178d9283b12ebbfb405c8cd4aa9
SHA512 c0f1d5c8455cf14f2088ede062967d6dfa7c39ca2ac9636b10ed46dfbea143f64106a4f03c285e89dd8cf4405612f1eef25a8ec4f15294ca3350053891fc3d7e

C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\EdgeUpdate.dat

MD5 369bbc37cff290adb8963dc5e518b9b8
SHA1 de0ef569f7ef55032e4b18d3a03542cc2bbac191
SHA256 3d7ec761bef1b1af418b909f1c81ce577c769722957713fdafbc8131b0a0c7d3
SHA512 4f8ec1fd4de8d373a4973513aa95e646dfc5b1069549fafe0d125614116c902bfc04b0e6afd12554cc13ca6c53e1f258a3b14e54ac811f6b06ed50c9ac9890b1

C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_am.dll

MD5 f6c1324070b6c4e2a8f8921652bfbdfa
SHA1 988e6190f26e4ca8f7ea3caabb366cf1edcdcbbf
SHA256 986b0654a8b5f7b23478463ff051bffe1e9bbdeb48744e4aa1bd3d89a7520717
SHA512 63092cf13e8a19966181df695eb021b0a9993afe8f98b1309973ea999fdf4cd9b6ffd609968d4aa0b2cde41e872688a283fd922d8b22cb5ad06339fe18221100

C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_af.dll

MD5 567aec2d42d02675eb515bbd852be7db
SHA1 66079ae8ac619ff34e3ddb5fb0823b1790ba7b37
SHA256 a881788359b2a7d90ac70a76c45938fb337c2064487dcb8be00b9c311d10c24c
SHA512 3a7414e95c2927d5496f29814556d731aef19efa531fb58988079287669dfc033f3e04c8740697571df76bfecfe3b75659511783ce34682d2a2ea704dfa115b3

C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\NOTICE.TXT

MD5 6dd5bf0743f2366a0bdd37e302783bcd
SHA1 e5ff6e044c40c02b1fc78304804fe1f993fed2e6
SHA256 91d3fc490565ded7621ff5198960e501b6db857d5dd45af2fe7c3ecd141145f5
SHA512 f546c1dff8902a3353c0b7c10ca9f69bb77ebd276e4d5217da9e0823a0d8d506a5267773f789343d8c56b41a0ee6a97d4470a44bbd81ceaa8529e5e818f4951e

C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_ar.dll

MD5 570efe7aa117a1f98c7a682f8112cb6d
SHA1 536e7c49e24e9aa068a021a8f258e3e4e69fa64f
SHA256 e2cc8017bc24e73048c7ee68d3787ed63c3898eec61299a9ca1bab8aeaa8da01
SHA512 5e963dd55a5739a1da19cec7277dc3d07afdb682330998fd8c33a1b5949942019521967d8b5af0752a7a8e2cf536faa7e62982501170319558ceaa21ed657ae8

C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_as.dll

MD5 a8d3210e34bf6f63a35590245c16bc1b
SHA1 f337f2cbec05b7e20ca676d7c2b1a8d5ae8bf693
SHA256 3b82de846ad028544013383e3c9fb570d2a09abf2c854e8a4d641bd7fc3b3766
SHA512 6e47ffe8f7c2532e7854dcae3cbd4e6533f0238815cb6af5ea85087c51017ea284542b988f07692d0297ebab1bad80d7613bf424ff532e10b01c8e528ab1043a

C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_az.dll

MD5 7937c407ebe21170daf0975779f1aa49
SHA1 4c2a40e76209abd2492dfaaf65ef24de72291346
SHA256 5ab96e4e6e065dbce3b643c6be2c668f5570984ead1a8b3578bbd2056fbad4e9
SHA512 8670746941660e6573732077f5ed1b630f94a825cf4ac9dbe5018772eaac1c48216334757a2aeaa561034b4d907162a370b8f0bae83b34a09457fafe165fb5d7

C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_bg.dll

MD5 8375b1b756b2a74a12def575351e6bbd
SHA1 802ec096425dc1cab723d4cf2fd1a868315d3727
SHA256 a12df15afac4eb2695626d7a8a2888bdf54c8db671043b0677180f746d8ad105
SHA512 aec4bb94fde884db79a629abcff27fd8afb7f229d055514f51fa570fb47a85f8dfc9a54a8f69607d2bcaf82fae1ec7ffab0b246795a77a589be11fad51b24d19

C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_bn.dll

MD5 7dc58c4e27eaf84ae9984cff2cc16235
SHA1 3f53499ddc487658932a8c2bcf562ba32afd3bda
SHA256 e32f77ed3067d7735d10f80e5a0aa0c50c993b59b82dc834f2583c314e28fa98
SHA512 bdec1300cf83ea06dfd351fe1252b850fecea08f9ef9cb1207fce40ce30742348db953107ade6cdb0612af2e774345faf03a8a6476f2f26735eb89153b4256dc

C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_bn-IN.dll

MD5 a94cf5e8b1708a43393263a33e739edd
SHA1 1068868bdc271a52aaae6f749028ed3170b09cce
SHA256 5b01fe11016610d5606f815281c970c86025732fc597b99c031a018626cd9f3c
SHA512 920f7fed1b720afdb569aec2961bd827a6fc54b4598c0704f65da781d142b1707e5106a459f0c289e0f476b054d93c0b733806af036b68f46377dde0541af2e7

C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_ca.dll

MD5 39551d8d284c108a17dc5f74a7084bb5
SHA1 6e43fc5cec4b4b0d44f3b45253c5e0b032e8e884
SHA256 8dbd55ed532073874f4fe006ef456e31642317145bd18ddc30f681ce9e0c8e07
SHA512 6fa5013a9ce62deca9fa90a98849401b6e164bbad8bef00a8a8b228427520dd584e28cba19c71e2c658692390fe29be28f0398cb6c0f9324c56290bb245d06d2

C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_ca-Es-VALENCIA.dll

MD5 2929e8d496d95739f207b9f59b13f925
SHA1 7c1c574194d9e31ca91e2a21a5c671e5e95c734c
SHA256 2726c48a468f8f6debc2d9a6a0706b640b2852c885e603e6b2dec638756160df
SHA512 ea459305d3c3fa7a546194f649722b76072f31e75d59da149c57ff05f4af8f38a809066054df809303937bbca917e67441da2f0e1ea37b50007c25ae99429957

C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_cs.dll

MD5 16c84ad1222284f40968a851f541d6bb
SHA1 bc26d50e15ccaed6a5fbe801943117269b3b8e6b
SHA256 e0f0026ddcbeafc6c991da6ba7c52927d050f928dba4a7153552efcea893a35b
SHA512 d3018619469ed25d84713bd6b6515c9a27528810765ed41741ac92caf0a3f72345c465a5bda825041df69e1264aada322b62e10c7ed20b3d1bcde82c7e146b7e

C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_el.dll

MD5 ac275b6e825c3bd87d96b52eac36c0f6
SHA1 29e537d81f5d997285b62cd2efea088c3284d18f
SHA256 223d2db0bc2cc82bda04a0a2cd2b7f6cb589e2fa5c0471a2d5eb04d2ffcfcfa0
SHA512 bba581412c4297c4daf245550a2656cdc2923f77158b171e0eacf6e933c174eac84580864813cf6d75d73d1a58e0caf46170aee3cee9d84dc468379252b16679

C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_eu.dll

MD5 a7e1f4f482522a647311735699bec186
SHA1 3b4b4b6e6a5e0c1981c62b6b33a0ca78f82b7bbd
SHA256 e5615c838a71b533b26d308509954907bcc0eb4032cdbaa3db621eede5e6bfa4
SHA512 22131600bbac8d9c2dab358e244ec85315a1aaebfc0fb62aaa1493c418c8832c3a6fbf24a6f8cf4704fdc4bc10a66c88839a719116b4a3d85264b7ad93c54d57

C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_fi.dll

MD5 d45f2d476ed78fa3e30f16e11c1c61ea
SHA1 8c8c5d5f77cd8764c4ca0c389daee89e658dfd5e
SHA256 acf42b90190110ccf30bcfb2626dd999a14e42a72a3983928cba98d44f0a72e2
SHA512 2a876e0313a03e75b837d43e9c5bb10fcec385fbb0638faa984ee4bb68b485b04d14c59cd4ed561aaa7f746975e459954e276e73fc3f5f4605ae7f333ce85f1b

C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_fa.dll

MD5 cbe3454843ce2f36201460e316af1404
SHA1 0883394c28cb60be8276cb690496318fcabea424
SHA256 c66c4024847d353e9985eb9b2f060b2d84f12cc77fb6479df5ffc55dbda97e59
SHA512 f39e660f3bfab288871d3ec40135c16d31c6eb1a84136e065b54ff306f6f8016a788c713d4d8e46ad62e459f9073d2307a6ed650919b2dd00577bbfd04e5bd73

C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_et.dll

MD5 b78cba3088ecdc571412955742ea560b
SHA1 bc04cf9014cec5b9f240235b5ff0f29dbdb22926
SHA256 f0a4cfd96c85f2d98a3c9ecfadd41c0c139fdb20470c8004f4c112dd3d69e085
SHA512 04c8ab8e62017df63e411a49fb6218c341672f348cb9950b1f0d2b2a48016036f395b4568da70989f038e8e28efea65ddd284dfd490e93b6731d9e3e0e0813cf

C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_es-419.dll

MD5 28fefc59008ef0325682a0611f8dba70
SHA1 f528803c731c11d8d92c5660cb4125c26bb75265
SHA256 55a69ce2d6fc4109d16172ba6d9edb59dbadbc8af6746cc71dc4045aa549022d
SHA512 2ec71244303beac7d5ce0905001fe5b0fb996ad1d1c35e63eecd4d9b87751f0633a281554b3f0aa02ee44b8ceaad85a671ef6c34589055797912324e48cc23ed

C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_es.dll

MD5 9db7f66f9dc417ebba021bc45af5d34b
SHA1 6815318b05019f521d65f6046cf340ad88e40971
SHA256 e652159a75cbab76217ecbb4340020f277175838b316b32cf71e18d83da4a819
SHA512 943d8fc0d308c5ccd5ab068fc10e799b92465a22841ce700c636e7ae1c12995d99c0a93ab85c1ae27fefce869eabadbeafee0f2f5f010ad3b35fa4f748b54952

C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_en-GB.dll

MD5 d749e093f263244d276b6ffcf4ef4b42
SHA1 69f024c769632cdbb019943552bac5281d4cbe05
SHA256 fd90699e7f29b6028a2e8e6f3ae82d26cdc6942bd39c4f07b221d87c5dbbfe1e
SHA512 48d51b006ce0cd903154fa03d17e76591db739c4bfb64243725d21d4aa17db57a852077be00b9a51815d09664d18f9e6ad61d9bc41b3d013ed24aaec8f477ad9

C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_de.dll

MD5 aab01f0d7bdc51b190f27ce58701c1da
SHA1 1a21aabab0875651efd974100a81cda52c462997
SHA256 061a7cdaff9867ddb0bd3de2c0760d6919d8d2ca7c7f889ec2d32265d7e7a75c
SHA512 5edbda45205b61ac48ea6e874411bb1031989001539650de6e424528f72ec8071bd709c037c956450bb0558ee37d026c26fdb966efceb990ed1219f135b09e6e

C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_da.dll

MD5 d34380d302b16eab40d5b63cfb4ed0fe
SHA1 1d3047119e353a55dc215666f2b7b69f0ede775b
SHA256 fd98159338d1f3b03814af31440d37d15ab183c1a230e6261fbb90e402f85d5f
SHA512 45ce58f4343755e392037a9c6fc301ad9392e280a72b9d4b6d328866fe26877b2988c39e05c4e7f1d5b046c0864714b897d35285e222fd668f0d71b7b10e6538

C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_cy.dll

MD5 34d991980016595b803d212dc356d765
SHA1 e3a35df6488c3463c2a7adf89029e1dd8308f816
SHA256 252b6f9bf5a9cb59ad1c072e289cc9695c0040b363d4bfbcc9618a12df77d18e
SHA512 8a6cbcf812af37e3ead789fbec6cba9c4e1829dbeea6200f0abbdae15efd1eda38c3a2576e819d95ed2df0aafd2370480daa24a3fe6aeb8081a936d5e1f8d8ed

C:\Program Files (x86)\Microsoft\Temp\EU5078.tmp\msedgeupdateres_bs.dll

MD5 e338dccaa43962697db9f67e0265a3fc
SHA1 4c6c327efc12d21c4299df7b97bf2c45840e0d83
SHA256 99b1b7e25fbc2c64489c0607cef0ae5ff720ab529e11093ed9860d953adeba04
SHA512 e0c15b166892433ef31ddf6b086680c55e1a515bed89d51edbdf526fcac71fb4e8cb2fadc739ac75ae5c2d9819fc985ca873b0e9e2a2925f82e0a456210898f9

C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log

MD5 a1dbc6983b4b94d851acd40a63f4617e
SHA1 39644ffafc494e07b73ac90ea301910fa9a4550e
SHA256 3ced021cf20fc93178a2cebdd4c75bb3a0764282dcac4a519ec6921bb3123375
SHA512 1990b5584345b369bfd69deba17f5ef3ffe5cd83bc4154e962bae013e516489998d050914a3ea8178d7405f631dadfdcde1b1f8a54ce11c22827ca251fdbb0fd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 aa7890d74d2ec532cbe8b629734947b4
SHA1 fdc499e1a1cadb14f4af7bb3c41fb3f42bb548cf
SHA256 67f8473c1dd64ecdb3688490f300bea54ee320216ce3920c893705428566736f
SHA512 595b9c207873e639626feb8e5760247defdb074f9da9eeab42bb4d7d6ccbafe6fe3473e4392957fda281107a4754de0d79a13b7c67cc62eb46b8234695c0d7cf

memory/2644-1368-0x0000000001000000-0x0000000001035000-memory.dmp

memory/2644-1369-0x0000000072F20000-0x0000000073130000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ca49871431d3e30609044243355044e9
SHA1 b543083ddaccedf5f2db02734cc4c3b573b4b0ae
SHA256 cc335c7693540b4a81f2f87ce9bc1eef130618dd41b2b234cafcffd673b8855c
SHA512 2bedc32f919241f49fd891b99ddb272ae31a0eeb2380ec94345f5b88d7ee67ae0cb301dc7fb523957de17bacca732a0b23f92f0d09fe6a18f18746e1b5e52903

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 9805192b3c5e203f7df2a8652ff72f73
SHA1 76a3a938cbe797193260124591405c68d63c12a8
SHA256 ec40e61490be21743f21417d4e20e3d5ed7830c629145c5bd1dabe355d397248
SHA512 d2450957ed9b4e8cde580d2056468046c4bf8cf4eae8ee9b2ec982eda28749dfc970cc7b204e057eeb3835325f16bf69590ca5400e816f0ed8dd0b5cbf43fac3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 08ceb3b7e29ed985eacdce3378a80ae1
SHA1 661b615dc736ebdca3ff0294b83b6bdaccb149d0
SHA256 eeee00b350887f5197a58ce237c764fa2cf140f10d90cc23de8cab2689b81b91
SHA512 b119a15dec9de253f9b446cc5bbee62f5fcda95ce6968f822641e4dfd032312c99b0719595fc63f7828e18d45cc171a42917a066a32550261c93986a5d9c5217

C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat

MD5 c78e07a1aed280f0ecf3a62b354574c0
SHA1 1a2a1a8f7bbae8960db6335421dbf7ca2541cf00
SHA256 04a57f13251271cd45e097ec1fc7de93085dbd52f33bc76eac20835d01b4c8ee
SHA512 5fc0d6f589976fa79a79a4f95834d9c90eebe1d34d94f020d40342bc225e895e6d75163c7015d796ed0bbaaac78d10b4c23b74bd6358306d7f3bc4f2cd44be0a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 8aba06201ed52f827abddbe4d1980f7a
SHA1 cf122b0bdc6926d14ae2ceb415ab1eb5bf8eeac5
SHA256 81bdd067475b43a521a67f64c3d805664432e2d39ec44a1c170fdf284b547f12
SHA512 1785f398a33d64cad0270179d8a38983c1572501be830dc3b396625cc0deac1acd5cb0f4dfc76f455247d4993067475786fb8c2c489232586d7af2915f0d8d0e

C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.80\Installer\setup.exe

MD5 b621cf9d3506d2cd18dc516d9570cd9c
SHA1 f90ed12727015e78f07692cbcd9e3c0999a03c3a
SHA256 64050839b4a6f27d896e1194e902a2f7a3c1cab0ef864b558ab77f1be25145d6
SHA512 167c73cf457689f8ba031015c1e411545550f602919c35aff6fd4d602bd591d34e8c12887a946902b798bf4cf98aadfce3c2de810bf16c7c24a216bfd8abec19

memory/2644-1580-0x0000000072F20000-0x0000000073130000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 4ba4847e452bcea36fdbed22041b826c
SHA1 05caa60cb27ee6c61f31089aa8df4b933419dfe8
SHA256 20377880e2ac3a51346324c7ef3124c2fa4869c404d62dde4b73fc68f85b1c23
SHA512 946fe84a34610e1291a41221b11c97bf611be2c038d30886ece47b89342e02c2c0f4b1e136488647a24b646f050d284428dbe9af902110a9e4d4e57ef9fc962f

C:\Users\Admin\Downloads\Unconfirmed 881681.crdownload

MD5 0c51311b8e9d06dc32930c38c98a7b95
SHA1 aacbb77423f97d4bc7ec74c75dc6807ed4338623
SHA256 26323b34dc2f151859ba9d36615463908478a70915bc7076a1babe52855c22c0
SHA512 aa3f4baaeab39e29d7b16221871d6a1219310b43d750415dbd7b114c57b1c133bbfc25e213398ace80cf361a4f6389c191cba56713985a5ce238d920610c0801

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index

MD5 191cf0e9c0768133f87011cae55b65f2
SHA1 d303f7ffc1e7c5819216cf766c5e9f770c4eaa26
SHA256 01d4f999d74c8cbe173fbdfad78bc0b0ee16518b1a41f80c820f575e82144be0
SHA512 c4fbc33865c038b214d8e7f94261d07039db2dccef6082059ff8cb81252598a315bef5030fc27de61a036dd584e6053ec335929c080aae8dfa96137b8ab63832

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 47072bf02bec38ce22bdd00435d7f882
SHA1 54ef4f24f77f67e5c4d52cefc387d8589ee88358
SHA256 6657191f63a625a635a3cb8a12041c9f6e4ef6e4a1492bb635f51d554b408934
SHA512 f9841f779b7decefbacd68bd1e11f10b46d9c98275e8b6056c65bebabf485f45813f56196d70c56a88f6c2bddb1d6a046f83ae9e9551d6bca30880c95abdee59

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 d4f059eccd2c5ffd00f5b725b14350f4
SHA1 ad83e6b4eba35126e46f4eecc58b515d85a6ec11
SHA256 beab59070fb187c0f24b60b4a68dd9bd6d69fb5d9f0e224ee4c432c3c357b19e
SHA512 c3d521d188ce60c17700720f1cc229143e952c56cab2bea436222d7f6e1d608c93ec3896a9403ea3b0f86aa4cded484911d51c11cabf9179b20242926180b835

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 10288817b7acb6c73886b2c3c965c035
SHA1 21951db608a957cf4d88f451793a4ec2904bfb8a
SHA256 ed3e72172e357f24aa0f0b7bf148d82d25d57cfcc7884e58177766a7f7714cd9
SHA512 7212246c19f854ef842ad937daf3fe9be0ea27d3e0a3fad9119f279d22d1eabf2074fb9a5175c44cd7f90608544ed55263f327192413d1aae87e92a2a898701a

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JJSploit\JJSploit.lnk~RFe5a7408.TMP

MD5 c6d212b85f29089f07c221be55907de9
SHA1 a3fafeb1d94f88b379b61ad3e38d20d5b10801c4
SHA256 5086cf97fd1759c0c4ab20f6b8ea376a55d58471a2ae3815b526f681bfc4e024
SHA512 b4bdf26861cf59b4ed97e0147d9497e6b6b0482c630d31f1a1060720e034c32145c45c941f661a3b4e07a2dc69eb73d201afb4ec403e1d5e16f74e39ecbcf5ef

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JJSploit\~JSploit.tmp

MD5 b91ee3fd1e0ead12b2a86db204cfe76f
SHA1 869836dd5ad66725073504a7a91357f7f6681ad9
SHA256 639b1cc25fb0fbfaaf9d488e3c1e93baa393d088b9d13b7b1af6d3d4a0c79f62
SHA512 8b450634f9db83a9b1e87b56934cc32da562760c888eb412a6f1401e0dfbfa407b1fb48c64051855a2912b4f11ccf78c2f7158e579dcf6cc97a7f3e08e85af50

C:\Program Files\JJSploit\JJSploit.exe

MD5 8c80175a590266d599fb77ccc1fa8f85
SHA1 b46cfda374e01776361c9b1dc6b46f5d7275105b
SHA256 94f52e11c81f7700834281cb179089e470528cf2f3701d5428195a06fe7a7269
SHA512 0d6f1bf2d0e2cdc151a2af3e814c2f724e26f37fd4e4a36fefd2e30b5249b4745b0548ee320e8faedc1002980c1554007b4b3b5ba837e30c759122a6ce0b7f95

C:\Config.Msi\e5a7254.rbs

MD5 587d09761f540a414e2441cbf9150016
SHA1 6e0ad3a962c56d350c20f39c19b10fde5f69b014
SHA256 d7e54d99ac10952dbe1e299570b25ab8044c91bcc5975e98cda17ea7a194731e
SHA512 d4bd3ff36f5abd81b1637bed49a4a7712233727be71e974cee17edd28992f378aeaa622053e29d042084681271b01687b5b2c561562a18002749218f5cea2008

memory/5684-1779-0x00007FF85F450000-0x00007FF85F451000-memory.dmp

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Crashpad\settings.dat

MD5 31a6a6c5deee1f03f4aa996413260f8d
SHA1 378b0c7752168b63d92acdd2d5852b9ea7bd330c
SHA256 1cdf42e102fe66aa399f15c85d92fc9429ca1dcf6b72794993580e7531c25aad
SHA512 8c8b84b6d3416a9161a4d4bea601d2273f9d613b04589e556d3c3c2a941929ca5298e38c3b80dd151e14685fd3e1688bf2e9346ecaf333c527de05a2c46cfffe

memory/1684-1796-0x00007FF85F450000-0x00007FF85F451000-memory.dmp

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Local State

MD5 64bc3b2ccafd0d2dcf422844d3079c20
SHA1 889b588505d1aa5b7f1f1f3af20c49eaada90c36
SHA256 c51c9e4278c8870414b359f6366f954b140594ca7c80d57ecc09c372b5364649
SHA512 0234c1b535817b0bacb8f54e4c4850fbc141df60eddb6488499edda236556c38fcf422205a07a2fea1dc9eed828eaa5884cc4afa8b6687f4a62228ddeac2d2b6

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Local State~RFe5a84f0.TMP

MD5 6a7dceba280100b78b57eb5461d7a7bd
SHA1 8c429df03301627004a028a6a550df10a66fb8e7
SHA256 e14d8e05d11c45747533b8316e6fd6e179a020a85376aac6a532158f15eceb0c
SHA512 7f99027fd2d2c6f9b4ad62729ec534d5c3a0b617322fc9412d15f99ffc17ca59f7e72dc72098d982cf470b2a864ed11a9ebe8fb45f88c7efcc8f58794333734a

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Sync Data\LevelDB\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Local State

MD5 718bb80c5c2b066e84aab716d1b5e738
SHA1 4e189e1a6c72f2528d59b3e5c5946bd6d1e645e5
SHA256 b11102ad01a7bdba09c36ce1ccdbbf6e4297e48c7e6df01a1504371fe0a506e3
SHA512 bc20663706ef1c06798f09249556f0effac57caa38b5cf7b4f85d86b643dbbf667d62f0fb88d827995829dd0be7109b83ce49b445dcc1f998c9b43337498b219

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Local State

MD5 60232eabb515a64cd080d58dd33e72e1
SHA1 419d216752288611ccb760b46b91fd4f0bc551f7
SHA256 fedf1fdf051d4580d06c371d19cc04bada21392987d0f25ab15f8e15015202af
SHA512 578ef1d3fe45b71d3e90a1706c54c143ce76c24d6ab23eef1c3759f3579df0f7f6eeb0b6d9550cf9ffae8d4b1494ce4ef2c438cc0ab36becd35a0cf33f43735f

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\GrShaderCache\data_2

MD5 0962291d6d367570bee5454721c17e11
SHA1 59d10a893ef321a706a9255176761366115bedcb
SHA256 ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7
SHA512 f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\GrShaderCache\data_0

MD5 cf89d16bb9107c631daabf0c0ee58efb
SHA1 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b
SHA256 d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e
SHA512 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\GrShaderCache\data_3

MD5 41876349cb12d6db992f1309f22df3f0
SHA1 5cf26b3420fc0302cd0a71e8d029739b8765be27
SHA256 e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c
SHA512 e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 462d08256ca3ced82fedd79d9ac3d9ee
SHA1 8e4c6aef3b39afc1a8525e6addb0b6df047ac7da
SHA256 0cf6d9b8f33578a8d4408cc3c462b1c7c4ebc904a4bb20c4df4c3ed0ad019ba4
SHA512 ce578b2562f94abb3eb5b64896df4cb8ff947e2086b3220c55d027b46789cd8575bd95bc88552d13db3083334a1b0d3e9095ec5eb5b756671d4131942c78456f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f3

MD5 015c126a3520c9a8f6a27979d0266e96
SHA1 2acf956561d44434a6d84204670cf849d3215d5f
SHA256 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
SHA512 02a20f2788bb1c3b2c7d3142c664cdec306b6ba5366e57e33c008edb3eb78638b98dc03cdf932a9dc440ded7827956f99117e7a3a4d55acadd29b006032d9c5c

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Local State

MD5 5a03905ea2aa61a2395bc58945486a39
SHA1 af27fa43486f95740baab06b9713e7910a3625af
SHA256 141d9da234fefcb2b3ca44e074796caff28aa4345063f628c9e5ee1d7d7bfb40
SHA512 77fd357bef299ecb1b06c6bfcdcfceae471f54a1c522673bae0eafb291488b1fa363efb12e7a131a663aa1ec3ae0264b299b2a88e239ee29ffdda1f75e296de0

memory/2644-2032-0x0000000001000000-0x0000000001035000-memory.dmp

memory/3188-2037-0x00007FF85FE80000-0x00007FF85FE90000-memory.dmp

memory/3188-2042-0x00007FF85FFF0000-0x00007FF860020000-memory.dmp

memory/3188-2046-0x00007FF860080000-0x00007FF860089000-memory.dmp

memory/3188-2045-0x00007FF85FFF0000-0x00007FF860020000-memory.dmp

memory/3188-2044-0x00007FF85FFF0000-0x00007FF860020000-memory.dmp

memory/3188-2041-0x00007FF85FFF0000-0x00007FF860020000-memory.dmp

memory/3188-2040-0x00007FF85FFA0000-0x00007FF85FFB0000-memory.dmp

memory/3188-2056-0x00007FF85F380000-0x00007FF85F38C000-memory.dmp

memory/3188-2055-0x00007FF85F290000-0x00007FF85F2B0000-memory.dmp

memory/3188-2054-0x00007FF85F290000-0x00007FF85F2B0000-memory.dmp

memory/3188-2053-0x00007FF85F290000-0x00007FF85F2B0000-memory.dmp

memory/3188-2052-0x00007FF85F290000-0x00007FF85F2B0000-memory.dmp

memory/3188-2051-0x00007FF85F290000-0x00007FF85F2B0000-memory.dmp

memory/3188-2050-0x00007FF85F270000-0x00007FF85F280000-memory.dmp

memory/3188-2049-0x00007FF85F270000-0x00007FF85F280000-memory.dmp

memory/3188-2048-0x00007FF85F1E0000-0x00007FF85F1F0000-memory.dmp

memory/3188-2047-0x00007FF85F1E0000-0x00007FF85F1F0000-memory.dmp

memory/3188-2039-0x00007FF85FFA0000-0x00007FF85FFB0000-memory.dmp

memory/3188-2038-0x00007FF85FE80000-0x00007FF85FE90000-memory.dmp

memory/3188-2043-0x00007FF85FFF0000-0x00007FF860020000-memory.dmp

memory/3188-2057-0x00007FF85D880000-0x00007FF85D890000-memory.dmp

memory/3188-2062-0x00007FF85DBA0000-0x00007FF85DBB0000-memory.dmp

memory/3188-2065-0x00007FF85DBC0000-0x00007FF85DBD0000-memory.dmp

memory/3188-2064-0x00007FF85DBC0000-0x00007FF85DBD0000-memory.dmp

memory/3188-2063-0x00007FF85DBA0000-0x00007FF85DBB0000-memory.dmp

memory/3188-2075-0x00007FF85F440000-0x00007FF85F44D000-memory.dmp

memory/3188-2080-0x00007FF85E940000-0x00007FF85E949000-memory.dmp

memory/3188-2079-0x00007FF85E940000-0x00007FF85E949000-memory.dmp

memory/3188-2078-0x00007FF85E920000-0x00007FF85E930000-memory.dmp

memory/3188-2077-0x00007FF85E920000-0x00007FF85E930000-memory.dmp

memory/3188-2076-0x00007FF85E920000-0x00007FF85E930000-memory.dmp

memory/3188-2074-0x00007FF85F440000-0x00007FF85F44D000-memory.dmp

memory/3188-2073-0x00007FF85F440000-0x00007FF85F44D000-memory.dmp

memory/3188-2072-0x00007FF85F440000-0x00007FF85F44D000-memory.dmp

memory/3188-2071-0x00007FF85F440000-0x00007FF85F44D000-memory.dmp

memory/3188-2070-0x00007FF85F400000-0x00007FF85F410000-memory.dmp

memory/3188-2069-0x00007FF85F400000-0x00007FF85F410000-memory.dmp

memory/3188-2068-0x00007FF85F390000-0x00007FF85F3A0000-memory.dmp

memory/3188-2067-0x00007FF85F390000-0x00007FF85F3A0000-memory.dmp

memory/3188-2061-0x00007FF85DBA0000-0x00007FF85DBB0000-memory.dmp

memory/3188-2060-0x00007FF85D9F0000-0x00007FF85DA00000-memory.dmp

memory/3188-2059-0x00007FF85D9F0000-0x00007FF85DA00000-memory.dmp

memory/3188-2058-0x00007FF85D880000-0x00007FF85D890000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 b8f83d5903e7e784a6836d9e12aff001
SHA1 41343e4172f83046d949f03272f51f08d1bb3184
SHA256 a46286c6773efcecc8d26b1e780dc818bb34d1c14f629c7015aa1558e2d9febd
SHA512 6ed03d38371d6ef5e06c4ed60a7699264b36b3a1fa871150c0717bf1993dbfaf1dace9b4f03a4e3c6f4761a2a42c820bbe0e9608efc303d246b2ac0bcb867689

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 34d740ab40630985a57a99bc52fd0c1d
SHA1 d9b8c5693dc0b1c0a50b0299ec28864d394eec44
SHA256 d0923a86d22bdf81ddbcb1378bee342d23139fd2149cbf2afa20c8c9d8701ac7
SHA512 0d618b936ce97e2f701675a3b44e17a641e3587ea6a8d4caaf8ce23df1bd27287d51f2c061da2c534f14b5955e1d3d6b81f8e214a7eeb71ca996e11eca5a8c60

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 5c8f4d6847ce8a16dae55d60bb1e18da
SHA1 e959e3d71e22b37c3ecc347a40b9a2e66ede2791
SHA256 45b65d35707dc1a2d2362a58d6250b344ac8ad340d63078a6d470090611ae8f7
SHA512 b2d7a7d381b4c628bd1174ef25fa93c78e6816167e6088a5e3b23f145fae6cbe777ae56ae8ec51795913626bf228f4db79733c986f003d01da90dc10041dfd7e

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity

MD5 c78d9733c11393a422f79243519fb756
SHA1 f5324a8982d4d563c4e2cf3817deb58c88e99caa
SHA256 75217cbfcbd8ff6707b06be76b57664b3f43a8d6d952e80c93afa37d6357341f
SHA512 05963952c680de62e78157c86a81aba680cd69eaf4538b8fafaeca07f4b4c9e63818414b9471fa8269c5eb7534e186120a32f9c324ea1721b4e7c7bdb602820f

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity~RFe5ad5a1.TMP

MD5 eb3d956f26a3f8eb1c77b84efa1bd45a
SHA1 6954875258503ea53a7fe3a8c5722522ec178eda
SHA256 11571848d78db37d86b0623248b200473880229a6cc744617c055881b0119e79
SHA512 3925595165ff0dc3d28cd52af7cef83ae5536b9f7e41721db775fe1dce048c3e6e41434bf694729996fb5731f7c050f627f53b0d506008588fd42e075c4d47d6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 da633133ae204b2e66a0d2e214787311
SHA1 804be86f5b36cb377752c6242d818d6ac4bb03c1
SHA256 8ac7a947db84fd862094c709984aa4fa4b70874ab3eba41952f3d9e959d42f57
SHA512 a602c67442ce58e35b27ac38bda0247ed4b0cfc799bf88548b19ca4b554f2016d5e5252ad49a1c9b90c09778bef2f8b994c831cb047b8690bda46b17f081a69b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 ca9569b6a67b31dddbc8c1f8d370d8c7
SHA1 c735ff6aca07b206a3681151ad19cde314fc5e6e
SHA256 ebfe0d8d5614201a873f91f066b096d0cc79034660aa4c862b0b6c7e93aa1a91
SHA512 a315468884d54c68c47f3d4f6f6a26044f3b63567d02b872e08469cb080be0902e923ce6d167fc3e5a5710205634e461d8199a10757168a25862aff7562ffd4a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\b06859e3-ef4e-4e1c-8244-be107880d034\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 3b3668be35c625fec3694e23e5ad7c59
SHA1 4c07e99aae8cd8a8a76ffbf685c34043e5a57018
SHA256 135b20562c765e9b50f7eac7281bbce65571ef88455a34e41a5692b15fdcd53e
SHA512 24e37f9cda5c12f7899156b92e46809569856e82c288b7d940711a7b7f8eed20ba72e946718721c01adad4ea283aebcde7191df1f6d4fafcdd6c1828a8ca3e00

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Code Cache\js\index-dir\the-real-index

MD5 7d9467f6df11634b24bae23aade9941b
SHA1 85b7959cad8ecf165557c9f99b46d398c92e35dd
SHA256 b1325863708ac18f22a1889644583ffc23d1323201263f15789d2e5081c693a6
SHA512 9320a0d1cb1b3aca9fdaec8e91f40772bf3a083ef99bef39b478ea90781c3b59dbac23eda95d66357cb82c5cb2887e60f53167e0cf036692c7bdaafe76677f9d

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Code Cache\js\index-dir\the-real-index~RFe5ad86f.TMP

MD5 91d7d4c183a3b38f45df9ea785ae58f7
SHA1 15abf257772594ae773cbef0e41e2b08a9bf05b1
SHA256 cad4b39f4e7d763052f3240ca7ab9ae2d5d7132a212b40864d83ed3ac74dcbae
SHA512 6fd7be3a206e1ba3c99e2cdf736938867b0772454d6365e49bd2c1a71d3393c736c64fc3b59b8577b6225035a9923e6080f63aefb4d2e1e29b8455c7ac15fd95

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 10098433af13e51ccfeaee16682db21c
SHA1 f6d285ed13066ac80350c9af0299e53776203176
SHA256 8949d0e6bffc6958e71ba1af0b657656bbbdf206b643f2b573e483a38e82bd9e
SHA512 520f06ada0732accd73b10e1999685e96fb5ebfdc027839cbf17ee6a71a353f6c59b03d789f83a9f08fe5fca9b3ec69a5991ead45ff96bd46943bea0da6c862a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 4972751ca098705cf15f63143a214430
SHA1 d8fbb113141300df1546c40d5d18801b4f36d004
SHA256 a01a5a9c9502019404c6789d670617a0350d3018456ae0f28ac5d4530319f952
SHA512 7063359d174dcbaf0e304f655db7865bfc5ccc3f65a6303e027c4a9602f4476fc0bd7af7ab76ebe48d815b4cb3753116db8daf14d59ac69601a4b1c788a74752

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 3bd4d389ca63ecde95ec5b99724c82a7
SHA1 e81fe5b15f060e8e8e6c4bd917a32f0a12ccda9d
SHA256 f272822d65804d65b6425ad86063f57d31c5f9c2c617a12b0088a70c50f2f6f8
SHA512 fe31893c265f00e21df2e59eac341792340e9e0ee98dbf59fae3be923536a4dfc923697d2cdb5b4642fd7650e300359d26ad3e25fa6fae455fc4e74af4702f30

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity

MD5 e9d98340394f653a77e441e13413c781
SHA1 03562b483566adc88315ae55025f128ae7e05860
SHA256 c343f819cfec60870a1634d95fb3ad27337723cb336271937d70dc7dc8c06d4f
SHA512 4e172532dad7c12055425243938605b8521520a62f5a2e8ae0e9e3327864cecfcae6ee3e3e6e4b5e4fe772cd0e3c4ae3d475beca62a0060a2e8e87f50eb4581f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 cc960c27aeab90a02f7057adc41dd74a
SHA1 67b16e41d856cf771c98f380aad2d8dfc0511f36
SHA256 77b33f5075b283b69ea63229acea2241d3e8c4422d5b004c191486e3288808b3
SHA512 475e72cca379cf4db2e22be2e1a19bf0729ab954acae36a1a9c9b758869f1039a65983bbaa39b845f43afca1570357594e07433911c8119c14e9a6d4c521bb71

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\cf8859c7-a241-4794-8262-a5ffa89e5778.tmp

MD5 6f7ed0ed672dbc7add2358cbc7ed81ac
SHA1 bf7e7824a5c867fe9a2270d9a825e3e6964ba58e
SHA256 1d5178408fccc01ec57ea4510a1aa0b3e4c63e891a2c2cd133fc8662a2d0f7b7
SHA512 83b996740170b5d8f12f902f67502d7e0de5cdb8a409f5d5ab8b52fd2959740acf2b7143794e1cd2bf7dd6eb7149c38e3f1cc4446757ad1167601ce4bdae8df9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 d94949ca83249f4dfaace2d1d1a255eb
SHA1 d576ec8c12363cd0b1b8e1f6fbcdf4a56e96ac0f
SHA256 8c13872777302e9717a89904055b4effc980f8882bc02facce06d000c5fdaf07
SHA512 1845b2e62b5393e071458d1e90522c45f5926895006d96be230ecb7c71c058f1d1da063c1284af37c84ae81882c52601fe3778b092fe935662e35b6b1e1b4437

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5b277a.TMP

MD5 7e50a955184f6037b81b5886ddffefbb
SHA1 8e7b64b882b0d119b4529f7d47d777e0b1bcbdd1
SHA256 be384aa3796487898e9050ebf5bc414b2da626b2ea0081882c353a8f3944b144
SHA512 61754687b52649823e2f4976f7fea02fc6dc0df2458d7b5ec7cc9cf0ed0733a79aae61fc5209b00becb6ceca50d348e034d6c76164b2a4981b4c03c074da2d26

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\4c1503dd-8903-4908-8f80-7eef5105de85\index-dir\the-real-index~RFe5b2da4.TMP

MD5 389bfbec44586bbf1400d28250760635
SHA1 564a8aa99a163ea9adc265b47aacaf16084a1686
SHA256 cc9109199c391fd021273b6a10c51113c143f1f81d04be36a5cef8a27e53646a
SHA512 ad9e94596c10b7d097044749daea9cf7eb990c9a0dac8766d82665d40475e1a457b2f2f587db11e487f82b8cc30ee167a0017713e9411302618808f4fb2d058e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\4c1503dd-8903-4908-8f80-7eef5105de85\index-dir\the-real-index

MD5 76db850b711e030f1b2274a1a4c11ad4
SHA1 08fb33a0d9b1cb513c216a6964a17d97ef83dbd5
SHA256 338e0b1eaf66010d60be7abf427208aee7ba47fe4e78364fe59e2683acbe8333
SHA512 b3e6170c25bbae22e61f76b82b4bbb1dd834200aacf79e9eb4a28152dc88def9c7de53262e94afa798d7a2eff13c1f40a06f9dd4e3f51d8330a63b639962bf77

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\99becebb-3766-4557-a55b-a5033431c756\index-dir\the-real-index~RFe5b2fb7.TMP

MD5 93ee218ad112f6e58dd7293064448da9
SHA1 3911ea082287ff2acc232c4b6da3f1cb35bae0e4
SHA256 f12b80d2871887babfcea84a29ff8164f7555e4ba95ffaf2eb42ab8ca7625a37
SHA512 ec73d82942dceedae084a64cbf1787c7923f4a7ac310505bf09c7882f4c610d8972f7c3d3804b37bb065cb17fec52a2b1735ef8eb018251b917d0571b7b5ecb0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\99becebb-3766-4557-a55b-a5033431c756\index-dir\the-real-index

MD5 4f5b96e7415351102955f9980013101a
SHA1 8c47c1e5d28c64bbadd20938816b501573c42c15
SHA256 8d1d50f1ed922d16e434a99209a05267b1e4c6a430013be6ad1680a0257cf01f
SHA512 511201f12d3424cb9dc7d80997c54fb4827898e570e1223e6039894ffb4d206996914cac2834a79c4589adb857266ec9c97a65df274423c811d079ec64416482

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 e3b9bd1fd769ea4815ecbccae217607b
SHA1 c72ea15fa916b23718cc260e795df16dce5ebca5
SHA256 d4fa99a5e541233e3a572e96b347e692c2adedaa395512ac086ddf0c69aa173e
SHA512 60f671661045b2fd2aa117dc331818a0df5352574e1cb409ad39c8e27bd54c178ee52e812f3d50410c6ec3abf3872cc3bb54661f881ae06aa8a33ba87751148b

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity

MD5 c5c136c1c6ab1a797f86d7553d032719
SHA1 e89836cb08822c18f2d687b0cfbd11fe3e321998
SHA256 6991448cee8ee7f8c2b506115bb8ba8b1c6be1ddeb9433439fe3dd9fa284d810
SHA512 73387ec7cea8f80a883d6933ddf64fa4127cb69e0ddc7fba2eb015d03efa8082dfb8e022b882f247277d71694c2f7606a604f310b8ee4312da7f5ff17dc56a68

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 820239be139922a1feb5b355ee6805a6
SHA1 0b42dfb9173700dcd6631278426f6f5114c67e17
SHA256 fd577b2b37b799058e94730f1dea55d91d69909baee5e1300a4a73f626fbb02a
SHA512 ea42e8508329e7bf15a47d19ef4766446937c3fbb8092f12561119287211df9757cfdf201499f904d2ff907c0eaeb1e73a306ad1a634cd1af2ba42798cffdaa9

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity

MD5 ef80a2b15d695bd7d26849bae59c71b5
SHA1 2b77c752e34a1b13fdaa63be5af613e74944a5d6
SHA256 73da1acf96a1122c578ac13ff89ad2f05776cc61658a9c92bd850a674fbcabc6
SHA512 46bcd2819f7fd485db4b0b3eb78abd263825c0f4ca698b65c8079c5aa6264d64de92e85f9f1d7560f15ba86d0d4bb5f2848727b17f47af9d5954611f44cef58e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 344e91c3b5f8448b51059685dd56f40d
SHA1 a0e6e1b3c6389830f370ab7c88567b41e486fc87
SHA256 e1cb7f9c22d18e854ea9e3038185ae808be1230752eb1f2e87765c8837aab164
SHA512 5fdb00ea13b94e7c1919dd5736a35c9bd5ceb15f5b61b842be5325db328da647f020862179ac021f891e942dba9290da55cb4c374a7a3ac7c384723d78b24319

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\Network Persistent State

MD5 80687113b93a6682eb5f180b244d0acd
SHA1 16c54f3d24842800644b010df5ce03f77bba53cc
SHA256 2c630c612f3ab353e01da882050da0249a656ddc3ba02e9502708d94ebd3b833
SHA512 b384bee9215915cdf4baff9dbd78b7ab91d4cacdd43d96116f0a5ea94500d9ac55bb775fcc80ba1ae4d208265fd4b45c6909f1fb85ee021cd46cf762b4b065a5

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\Network Persistent State~RFe5b97f7.TMP

MD5 2800881c775077e1c4b6e06bf4676de4
SHA1 2873631068c8b3b9495638c865915be822442c8b
SHA256 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974
SHA512 e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 cdba572ffd69db60323ba18e4ec31769
SHA1 97394712d2ac82b083521429195ab4964f02d241
SHA256 08791a2aafbcdaf9aa3337ede6f6d35d8c6224c6938113cbbfd0aa4ae5b3ab72
SHA512 ba6ee20c2de1fa2473f3fe733615970fc2c3657aea848215168b8a9a8121ca758359a8d6a198e554b1ba3d55439b341af31dc274228636e0c048b594a60ea8f8

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity

MD5 71a554e9bff4a3432012676230f1d40d
SHA1 2dcfdde34dd1cc244f8c47f6518e16563b69cca4
SHA256 9b9982f7ed9b19ce63a1972d4b5b27ff7ef09ea75478dd7a402195daab7cf7fb
SHA512 580abc45426bf6828cefdf667e64c280082c2ae14f9c86a05726826b94bfdca50db345dab1502290a5e08c5fce6ebcc3572190b4f166c8ab505d66ac17dd8819

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 a1d427714444abf250ec219c6383742b
SHA1 6eb658b712b87ab1ebe2b9f89b7954f690d9d64f
SHA256 da5d75a607fe76f0e88929faa4c93c9df31cdb0b5d0e481f48ce5311bcc29aed
SHA512 26df3552ceb17f0a3a24a6ecd062e0b89b8f4adad0a601db2efc1d61d7c72bd907d872dd27ad7818ab6bdad7ff110ef699ed7cfabcad5d99866341dcc32ab9e6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000bf

MD5 c3c0eb5e044497577bec91b5970f6d30
SHA1 d833f81cf21f68d43ba64a6c28892945adc317a6
SHA256 eb48be34490ec9c4f9402b882166cd82cd317b51b2a49aae75cdf9ee035035eb
SHA512 83d3545a4ed9eed2d25f98c4c9f100ae0ac5e4bc8828dccadee38553b7633bb63222132df8ec09d32eb37d960accb76e7aab5719fc08cc0a4ef07b053f30cf38

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c0

MD5 fb2f02c107cee2b4f2286d528d23b94e
SHA1 d76d6b684b7cfbe340e61734a7c197cc672b1af3
SHA256 925dd883d5a2eb44cf1f75e8d71346b98f14c4412a0ea0c350672384a0e83e7a
SHA512 be51d371b79f4cc1f860706207d5978d18660bf1dc0ca6706d43ca0375843ec924aa4a8ed44867661a77e3ec85e278c559ab6f6946cba4f43daf3854b838bb82

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c1

MD5 76a3f1e9a452564e0f8dce6c0ee111e8
SHA1 11c3d925cbc1a52d53584fd8606f8f713aa59114
SHA256 381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c
SHA512 a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c2

MD5 710d7637cc7e21b62fd3efe6aba1fd27
SHA1 8645d6b137064c7b38e10c736724e17787db6cf3
SHA256 c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b
SHA512 19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 99b054de7e97227135dd8c97dd58bd49
SHA1 7d711d99d1b84fb003c41a64029b788ebd819539
SHA256 9cc052ba05851da13a58483750e1bb273e872e8562218c91154fe11235a45606
SHA512 ceab23e49ea6ae5205813bb1bd445da724b26e3e0bab12387e2cb6a068591af9abafae9f584a798d25e7b68f8ae8d68b299be0b4a2f214f98c885db78ae2795f

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity

MD5 a9d2f69b7e136c60a3ee585508a6b8e3
SHA1 2dce5969b1822038814172b845c78edef80bf160
SHA256 f0d22c8916dbd6f46719772b48f8bd02fa7dbd22977d47210c1662caf0196a7d
SHA512 7bd9ce8e49d94ca8388b25ee704220a4f53209c0bc2205f6ef480a3da2ff67a9cf4dcb07b7f8ed71d94b2f36eb6654a5cf84c1ac4108cfdbb6578f26c1b9c3db

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_quackr.io_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 9ea8063019ee88d37605e56162f2e673
SHA1 9a6892aa106563b597edd60681baeba2fd6393f5
SHA256 70c1f403e3783e748aafcacbbe967ac4621ab05dce1837b2ec0974a0b2cc4ee7
SHA512 ccc30cf83ccb789ffdb67b1853fee7de9d86b1fb3b26bcb9ec958bffa4402598595a26eed133fc9a5841da5fd79dff8dec599d87fd51a8552385a0953d451454

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 196291dbcdb5169d69ee3063ac2514a7
SHA1 99208f523cb7ac2119c3d0362da4b1d3dc4541de
SHA256 4d4748e18b927390d6de9366726a8488cd8ca7c6d9d410fe223f0fa7a5abdcb5
SHA512 9e69dc76e2f146af2e934b3a6b7d99c42f53fec31d8e617f36df5a57f1b13db34659439ed34f0cd8115deb5d9132719238dd5a7667f8c80559bf3c808dee763e

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 0b601339c96c1b3707014bba142006ef
SHA1 71de012580d31c0eb4d58b8d1f00da27381a6c1f
SHA256 e1b12d1c8e86776a8d255da470ea971a31a2ce57ba429a536375a25899e5dce6
SHA512 d1fb220acae9cb088366190e2243f9549af1c30e93f5c7ee28ea5fa3ba2f61d0614b0fb3277fb3013051619a0f4fa833a1597e67982bd7b5ebab56218065115e

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_695356870\manifest.fingerprint

MD5 5bbd09242392aacbb5fac763f9e3bd4e
SHA1 14bb7b23b459ce30193742ed1901a17b4dcf9645
SHA256 22b55f5d9b1bafb80e00c1304cf5e0d6057a304a2e8757b4f021b416f4397297
SHA512 541e4c7998e91a5113f627c2c44e32b54878fe225b3b9476572f025f51f2b4ec4a44b102498adcc22b8fe388970645bacfafb6e7fc8a216df4d7bbfc8b0ff670

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_695356870\manifest.json

MD5 ba25fcf816a017558d3434583e9746b8
SHA1 be05c87f7adf6b21273a4e94b3592618b6a4a624
SHA256 0d664bc422a696452111b9a48e7da9043c03786c8d5401282cff9d77bcc34b11
SHA512 3763bd77675221e323faa5502023dc677c08911a673db038e4108a2d4d71b1a6c0727a65128898bb5dfab275e399f4b7ed19ca2194a8a286e8f9171b3536546f

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 1766db07a323a93b4bfc7b9b8f6abb5c
SHA1 feb5342369853612f8d37d0ab5cf21ada92c18b6
SHA256 309884cd5d8e7703e35601f2b9f03a65426767ba2f5abcd656ba3419b8e868a2
SHA512 f53e93b1e49e0a52588641ece42176b1e87f6ba1bc996a53c6ee482443d1a2dea201583ab5a7bb648b50c043b74b171ad6720e7d55bb2349b0b48da379b1e892

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity

MD5 fdcd8fe32da9620aa6ae406dfbabfdba
SHA1 c4bedd6b06dcc0b8948bf04651f5eca1faaf42c0
SHA256 4a9c1459c3854e2daa13bd4e8c64e80c2be9a108063388dfdb002c7ad13e5f13
SHA512 d1ff15aff0ac1b695391cbd1a1f2798297e9048b16a9e60f28284cf5e732933bbe56a2fc671127cf6b84322858c40ebdb602eb9f9e5cc538b9de4ec5be1bdc33

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 f2c4b3ee619e852842d9a95272031548
SHA1 0231b240ac7af807daff6719856d98d0e1230f81
SHA256 8d2161f3e4266b1fa06fa2b89fd66cb43650d211c7bd619b1a309ecc88dd25cf
SHA512 bb99ab331dac92321f416886b09f93997aa2249c5ce4d360f82349956895044222438aca4a67f892f8ac469c7f4bd647e6c5b9588ad1e2b7671a7bc27c0cfd5d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 b0b5ff557adfa1431149a8982ff7ff34
SHA1 595aafe9c89efeada5cdbc6503122837f7a9710e
SHA256 7e7f5d8f9dfff8b5a8ccb8e7d56bd0f089e60fbcd184700aa6b8cd6b4bc832ec
SHA512 147ec952401e1d3bb40f380d72fdd8265064d470e4f7a68f383c52f5a2a87b4d964e8ba5188c2a9da3ff1fb8beb7024e4610cc29f5177161e5de714ae45c04ae

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity

MD5 7f66d92873d87b00aaf433173dae7084
SHA1 fddd900922d68ceafee3464ada87db74ccae5ac9
SHA256 9778495ad6f4168e08dab854a20259f87b80d15eba1b42e936fa585fb791427e
SHA512 5d4993b3c36c16a48a2181952c21caa05eba9bee856c9a69770e8cc68d693ea00e4ab3d5ce5d31350adb523de22337e7b2d0ddaf055df44dba65eba6267fb362

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 2c030142b0ced401c910c272a8d28bb8
SHA1 b649586501a8c5985b5b10338237490d229c6b6b
SHA256 e99654836daf3457c2f0bc94088b5e796f90d0415d7c6e877b347c54c142c232
SHA512 ad2c7342c8e64b036137522567b8b116e34373f7c37ccd07a77624d806bf15c5a4cfbe2f5d91ce2b2e7139e717337f5bf10cf78f126859d6004ed79c2e5ebf47

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000bd

MD5 2227a244ca78dc817e80e78e42e231d7
SHA1 56caeba318e983c74838795fb3c4d9ac0fb4b336
SHA256 e9d7b93bae57eebd7019ac0f5f82bac734b7ac3534d1fa9bdba6b1fc2f093a24
SHA512 624cc23d4a18185ae96941cf8a35d342e048476b0384f0595ec1f273e19163ca49b17b14760628eb9da9a5f5519d4671544669fb08985c4945faf663faf92e12

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000be

MD5 55a93dd8c17e1019c87980a74c65cb1b
SHA1 4b99f1784b2bb2b2cc0e78b88c5d25858ff01c5d
SHA256 4925dd477b8abf082cb81e636f8d2c76f34d7864947114fc9f1db0e68b5a9009
SHA512 f9ade542c593067dbcd13ed94da1ba17a84782575355396db8fd7c28aa70a3120d0c0a22d3ca3d2f0774c1dcb06b9319e243b36001c618c92e0af25cb9c8e46b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c3

MD5 0226f8de1e27a4ea1675c906aa32e72e
SHA1 6be3cda5fb935d130908ab0ba80bb926f38c75e7
SHA256 fc1a6e9a3ea7894abb8c67345924fe74bae481b0e351ce3eedd0cdbd0d9d8459
SHA512 5a9f280e79ff805409d50c4de5f03fb827d72d692ba6e3250943af55c43beb58af65598d5e5c7d2fb583ff0e1fa5795103559bfd7aad284fe12060626d7b72c7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 bb287a040278c5a8d03b119769b1f7ef
SHA1 5bb7a431269c578b68f61324d82feb7230ba1e71
SHA256 7eec8071f2d44514961f5e084722d3c9eaecd861f3cbc185fe5b27657a517195
SHA512 b40808ea007bac68233a67e87da36e3ef77f4ebf54f68d3b9546a8d7a3900abecc608c79faea3aa702564b2fa326c65710546732ab094bd5b6fb542898a7af17

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 914d22a063a1b4bbcb8ca310744d587e
SHA1 587ac602578b06110587f9d8d9456c8753bc41df
SHA256 acf6ddd179e8afe9b19ca91d67b32ab52b44f74d9f6e037123e7e43b61536101
SHA512 db6bcd2dc9ef87f2ebf0731b2bc3b2ffd9cdb08658df8f1426d27bed794f1b9012139edc0a5a90e7661967e0343fe54cbd29c81311dbe4b7df9cc90403cf1bd3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00012d

MD5 87e8230a9ca3f0c5ccfa56f70276e2f2
SHA1 eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7
SHA256 e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9
SHA512 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity

MD5 92379a815156811e7fb7a6da40ffa9d6
SHA1 9ee1410f0e8d0b84fbff6e2d1431c4ec7071be10
SHA256 ac5d8006c181ce415254ab46410b04633116841f55401173bd98604e1f00354f
SHA512 9d7c7ff21057c1b6611315c54190672dbc8b1e1d55bf01603f019af83b03e2b8502c99d2fdbc2b6ef3b54c33725dc4a880124aadf6074d265c3ef0ed172a8a06

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000132

MD5 bbc50fd81daa634956356ebe01811131
SHA1 4430a7accdfcd1b3c9c9859e66c4215512083b5d
SHA256 49bdd4c96a6000996d9104a17eafd5a15443e9bd17d807df424bcbc4a9440c0e
SHA512 9d21a0ca98d07ee339631f494e423830c2da5de55f69bb5fc70f54627d3e4311c234dfc03ca77ad28fb64ce2fb28972e6422dd7b3cd76200402c25df67041793

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000134

MD5 2abd079be1223e68fdd6f520afe8fab7
SHA1 0f52ef825e632aa99b80724e2fc419fe1413ff39
SHA256 fc998bd9e644618ab3ece7ba644b58e43e6503e49b8ea2d19c6ee725c4676c75
SHA512 41d1bcc91961d70146f3434857c2265d2c1ec8cb81d388ddd187de5096e580bda69da20cf4ed56d72aac3d4e731f177b99daeec128e0ecd68dd37beedf4b3f70

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000139

MD5 115c2d84727b41da5e9b4394887a8c40
SHA1 44f495a7f32620e51acca2e78f7e0615cb305781
SHA256 ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
SHA512 00402945111722b041f317b082b7103bcc470c2112d86847eac44674053fc0642c5df72015dcb57c65c4ffabb7b03ece7e5f889190f09a45cef1f3e35f830f45

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00013a

MD5 8eff0b8045fd1959e117f85654ae7770
SHA1 227fee13ceb7c410b5c0bb8000258b6643cb6255
SHA256 89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
SHA512 2e4fb65caab06f02e341e9ba4fb217d682338881daba3518a0df8df724e0496e1af613db8e2f65b42b9e82703ba58916b5f5abb68c807c78a88577030a6c2058

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00013b

MD5 c83e4437a53d7f849f9d32df3d6b68f3
SHA1 fabea5ad92ed3e2431659b02e7624df30d0c6bbc
SHA256 d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
SHA512 c2ca1630f7229dd2dec37e0722f769dd94fd115eefa8eeba40f9bb09e4fdab7cc7d15f3deea23f50911feae22bae96341a5baca20b59c7982caf7a91a51e152f

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_451859795\manifest.json

MD5 af3a9104ca46f35bb5f6123d89c25966
SHA1 1ffb1b0aa9f44bdbc57bdf4b98d26d3be0207ee8
SHA256 81bd82ac27612a58be30a72dd8956b13f883e32ffb54a58076bd6a42b8afaeea
SHA512 6a7a543fa2d1ead3574b4897d2fc714bb218c60a04a70a7e92ecfd2ea59d67028f91b6a2094313f606560087336c619093f1d38d66a3c63a1d1d235ca03d36d1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000135

MD5 1dc06492f582bfc9afc32518c5b669a8
SHA1 3ceb77de90dfc8ad8a38e8df30f44ccafc5a074b
SHA256 4cca2caca18dd3689fce9fdb2b27bd6bf9e779967f12ae9c8c0d4666c1e4c2a1
SHA512 80114c72ce7ac3493602db99d3b042c928dafbe7fe2d43e8f5e9d273cec0289c6c4742b9cf55a38df4a0bb9376c68ac9fb0ab3e8a6de292bf62dfb6a0c4f9e78

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000144

MD5 ef8b09f2df1c04901dfd8f5e5f326633
SHA1 57c877f6c01f8f41aafd8a0e4b5a7444e3890d02
SHA256 f3e517f718fdbfc155538067dd9550d19f9ca91fea4ae69330a5f2c638964bcf
SHA512 c0334d4906be1620c68f9b6e74d5235d4bfec252582b6f00430ef5b8e484867848c7ccaad269d2e14adc35d603d3b6d028ddb6c2a2b98b2032c937b7d67dde6a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000137

MD5 8083ce83edae35e3337f7f26b52c08dc
SHA1 187958eb3fbd9b44ffd1d2223ab9f63dbf4be728
SHA256 d014283ecbb1e069f80a07b4c356824bf0408ac2599a850e69557c82fed649f4
SHA512 26c7319e00084e9bafb0370bbb2b6fb5b716352dd35ef97a842893e816361a88d4adb3a618a71d9921e39c30d077a3723240d390223d4db840015b512b099c84

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 2e7cb448881abfaee535042a9b09c02a
SHA1 0477ff937a05f6c5bea548b11345dbd284209d60
SHA256 66e30dbf168ce6adeedee3e06aa4f546dccdabc25eefc74f0ef922a9b94d19a4
SHA512 035279549655fe044c0dff931a9f3ab73ca677afbdf6de8b9bd3cf2c494a0899198deb7fd2871f515b2e4bef9f0198461bf3a6222edfdf1d6286b55427063421

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-as.hyb

MD5 8961fdd3db036dd43002659a4e4a7365
SHA1 7b2fa321d50d5417e6c8d48145e86d15b7ff8321
SHA256 c2784e33158a807135850f7125a7eaabe472b3cfc7afb82c74f02da69ea250fe
SHA512 531ecec11d296a1ab3faeb2c7ac619da9d80c1054a2ccee8a5a0cd996346fea2a2fee159ac5a8d79b46a764a2aa8e542d6a79d86b3d7dda461e41b19c9bebe92

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-hi.hyb

MD5 0807cf29fc4c5d7d87c1689eb2e0baaa
SHA1 d0914fb069469d47a36d339ca70164253fccf022
SHA256 f4df224d459fd111698dd5a13613c5bbf0ed11f04278d60230d028010eac0c42
SHA512 5324fd47c94f5804bfa1aa6df952949915896a3fc77dccaed0eeffeafe995ce087faef035aecea6b4c864a16ad32de00055f55260af974f2c41afff14dce00f3

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\hyph-nb.hyb

MD5 677edd1a17d50f0bd11783f58725d0e7
SHA1 98fedc5862c78f3b03daed1ff9efbe5e31c205ee
SHA256 c2771fbb1bfff7db5e267dc7a4505a9675c6b98cfe7a8f7ae5686d7a5a2b3dd0
SHA512 c368f6687fa8a2ef110fcb2b65df13f6a67feac7106014bd9ea9315f16e4d7f5cbc8b4a67ba2169c6909d49642d88ae2a0a9cd3f1eb889af326f29b379cfd3ff

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1905886248\manifest.json

MD5 2617c38bed67a4190fc499142b6f2867
SHA1 a37f0251cd6be0a6983d9a04193b773f86d31da1
SHA256 d571ef33b0e707571f10bb37b99a607d6f43afe33f53d15b4395b16ef3fda665
SHA512 b08053050692765f172142bad7afbcd038235275c923f3cd089d556251482b1081e53c4ad7367a1fb11ca927f2ad183dc63d31ccfbf85b0160cf76a31343a6d0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 11aafb5042d784514a6b71f1f2cb6686
SHA1 9ac36136973589d1b8aa50d1b80eabddc69ed9a9
SHA256 b70fa51d0625f7786cb07545f8164ae5e9c94bd7d592f52e24bbdad5014cda50
SHA512 976cc525a5dac0ed9aae5c8c11c5c831caa1810ccb07bab81b584800ebac05c71c0104504b87d540cca74fbac53cd668901e200592535990b03914f79b6885e5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 d8bbb42f1a6e48a6b2da9fc25556e203
SHA1 e889eb267fa3d1020dd69aad996276e68306a35a
SHA256 bbb9122f0bf15a740f75d34ad561ff69bbd3845e831c2341202d9daaa1f0bc4d
SHA512 c50568be5a435d607ab1b9fa164d625dfb9081284d23fb05e0ec01e767d7fc982d39d2187a1a392e752034ab036011f545c8f2c4f30e2b52c13177d90a708320

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00010a

MD5 f61f0d4d0f968d5bba39a84c76277e1a
SHA1 aa3693ea140eca418b4b2a30f6a68f6f43b4beb2
SHA256 57147f08949ababe7deef611435ae418475a693e3823769a25c2a39b6ead9ccc
SHA512 6c3bd90f709bcf9151c9ed9ffea55c4f6883e7fda2a4e26bf018c83fe1cfbe4f4aa0db080d6d024070d53b2257472c399c8ac44eefd38b9445640efa85d5c487

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity

MD5 30d8afffbb1057a9aa3a004bd665e8f8
SHA1 c6900d070dcb1687ad3dc682f8cf43b995a49612
SHA256 aba1b1db1c4d1be4124a2953177d386300fb531811d04bc2cd41925bcb2d0780
SHA512 21f8e5de53c9e8ae790183d79d462fc42a64bbc905b144c0e74bd06abdb2f6564d792af8aa75bef318a59881d9fd44daa1473d251ee66a80f10310be9800e5fd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 77e7ce86d03146e20401a2726ef1a411
SHA1 fd0d204656177acb2bfc7d98ed36b9c8a04d8642
SHA256 c777c857af0ab0a2ec969429db769dcc216cf7aebb58e1de7c6692b514d6bf79
SHA512 079ea0c1b6b48ac1d379a004b0c91c83c31a092d237bccf47e789ccba6c81f3fd453c4f68075a0102ac123b09697f1acdb3edd5f5f3eb482adf73e4e54dd69c9

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_2005554062\manifest.json

MD5 b3b44a03c34b2073a11aedbf7ff45827
SHA1 c35c52cc86d64e3ae31efe9ef4a59c8bdce5e694
SHA256 e3649c54fd5e44cbb5ba80ef343c91fd6d314c4a2660f4a82ec9409eea165aa7
SHA512 efa957a1979d4c815ecb91e01d17fa14f51fafdde1ab77ba78ea000ca13ec2d768f57a969aaf6260e8fd68820fd294da712f734753c0c0eda58577fe86cfe2c5

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\PKIMetadata\14.0.0.1\ct_config.pb

MD5 f9d04f6b65d1a463f1a01ec39b77622c
SHA1 8f13311afc943d362dbb332b1c0fb289a722547f
SHA256 b42a2649782caefe33aa7f546a02b69bb292a0d4c8ca48602bd9c8dc623b3588
SHA512 16b6419a5d1848abbc668fff08b767af3e01abd71a94341baad7344c0dafa5951ba8e3bbe8561d79fecab03b720e0293e22b49659961d82587d3c7956addd71a

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\PKIMetadata\14.0.0.1\crs.pb

MD5 5533fc3f4c1820b787df3ec6fdc2ef1a
SHA1 f39ff89fcc1af711e8127c52ba55c8ad347e84a2
SHA256 56711adeba4ecafe298eab09cf0ef2f1d7f3260a2aa4366b927029781d270938
SHA512 5194c0562b8cb8e23fde7b561b00dd6bed93782f2e9253324a8e8ef05b69b66a549f2061ff3a9010a73a1412cc64889bc93931d0f212b8a68e39838dabd8e811

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\PKIMetadata\14.0.0.1\kp_pinslist.pb

MD5 fb4c5e847d5f30be002702ffab8e928a
SHA1 30adae5ee6799e233e29cb6825bde492ae6dea98
SHA256 2fa10f05494714d062dbac514989f544036509e4181af8352bf7f8c3b7ff2fe0
SHA512 6c0792c37f44835a10e412dc889e64bfb740337c0a94ae360149c7987216cee168f4b70a428fa9a63a99fa0d35640727450e1fcde735b42c6108ee3f9457f72f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 83aff03e397aea0fc5b1454abf4460d9
SHA1 6d70dcd527da2d978d7e69889c62cfeacea7875f
SHA256 e66a3164656df32004c5f903ae7fa478c11aab22fe9b389c630dcc5eb520b122
SHA512 5b02cdcadb005bd8009aa800140a3e17ce7d97e7a4d97488b2bcc5cc1d9b3387c6b3c2a8cea3a483327020217663a1aa33428e98db0feae36d5a95eef88740d5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 e7e5298c8a3a6002a899616f63bb014e
SHA1 2e0f990dd3d6bd5f422c812af95ff854071bd7ed
SHA256 b83c88cbc1520e58f4fba3822fb86b22f125fcb698947a29bad307506a44777a
SHA512 ee4039f1e5698b651a12775259f611eb3bc65ac86c9411f158ea30efb0d6b03934fc9958eeded4f6ac721cf0897d75d43d22807fa1c8ff80084807d799f53127

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000136

MD5 7c702451150c376ff54a34249bceb819
SHA1 3ab4dc2f57c0fd141456c1cbe24f112adf3710e2
SHA256 77d21084014dcb10980c296e583371786b3886f5814d8357127f36f8c6045583
SHA512 9f1a79e93775dc5bd4aa9749387d5fa8ef55037ccda425039fe68a5634bb682656a9ed4b6940e15226f370e0111878ecd6ec357d55c4720f97a97e58ece78d59

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity

MD5 ff6b7206d1ed50a724b69e3d8fe09ca9
SHA1 47c3e7824986db9d2e6f67521c63ff2c23fbc383
SHA256 0f2e4c0d5b99f2c67d4cf6cdcb7c7d0e898f6578ab3717768c116b0967db981b
SHA512 28f556a645e9755b268dc6ca01f577f88aeaa7f4d68b04e808873c54bad4e4e18f3d0d7dc8a7e431e77c2b10df781fb66d0035c6f45c9781f5344d053842420a

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1010676493\manifest.json

MD5 077da41a01dde0173ebbf70d3b7210e2
SHA1 4b3c3deeb9522ca4ef4e42efcf63b2674f6a5c07
SHA256 23bed5c8ebea0c376483374bad7baf633a7e52f3e0a609371c518e06e645bda0
SHA512 2822d02e2b3c6306e6d71fa62e7f472b4c3cdf0cbe499b70ac60a0a50e547ed47c394d7de88bbef2e6015920442b9d30cbc0d6869d154e02ec251712f918deec

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\TrustTokenKeyCommitments\2024.10.11.1\keys.json

MD5 052b398cc49648660aaff778d897c6de
SHA1 d4fdd81f2ee4c8a4572affbfd1830a0c574a8715
SHA256 47ec07ddf9bbd0082b3a2dfea39491090e73a09106945982e395a9f3cb6d88ae
SHA512 ed53d0804a2ef1bc779af76aa39f5eb8ce2edc7f301f365eeaa0cf5a9ab49f2a21a24f52dd0eb07c480078ce2dd03c7fbb088082aea9b7cdd88a6482ae072037

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e3cfff44622d0408b58ad62a1776eee3
SHA1 526c26063292e8c98657e3eb415383d355ce83bb
SHA256 c00b23f154e00d0bc2314b0ad03ca98618ca71d9986d523f7a631778443b6d75
SHA512 20598dfd7a6708598169966834d95c657dbc97f1c20475adb634fb7916fb8b6991a0aa969259a9e56b628ceebc5e895ea5d39f565db52e3b9786c6443ebb1213

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\99becebb-3766-4557-a55b-a5033431c756\index-dir\the-real-index

MD5 00e3cc2351cb15dceb71eab2a09cd278
SHA1 2664bb26645fe816fa1940ffbd67ff496d48375f
SHA256 d8ffd318209469073c72796e30b1bd13da20666a8d51cf39c767cb7e16e1b82f
SHA512 0f524e46a4ce2c9fe53fcc3adcf7a4be5e4b51d17ed0bc0919907722e733145f1f7d019290e8c026c9409d98bf39a30aa0e07bc8a721be6450e038346a4c73ff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 b2d14a5224baca027ff836aac6c2541f
SHA1 ffe70e8a959fcffb2c5ab2a82d36d27c7a518719
SHA256 c1d7cecdb035798d7e7c38cfe91a5fd424c948a6d8c76e9b6748f87b58fb0382
SHA512 dac712c24ba41135cb2115fbc2b09a777448bb582eb74c018d260f264446abeae1cec02e393bc6cd37b81dcec13ec6a9747c757702f252a89f446e2c4beb0ead

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 ad6eab5b4781ce38af275e54caf0b6c7
SHA1 e9066761abddee88c1bb28e28b0feb5092d832ce
SHA256 ba189406d9c71581067046af019dfb04ea8c949cef1f52c3dc962ecf608458dd
SHA512 20b4b4ae3bc4b69936c3fd3949bb03a4bf6d10b852de3a126fbbb707fc4551c0f836ed20c12a4f27cbbeab86895dd30dab4690a90fda8dc9459b00920b5e616d

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity

MD5 83d811102c7f1e310b86eb5bc4ca04dc
SHA1 bb5271d8c276b32d1d55713364371c30a9ce7fb6
SHA256 9a49c3f614870052398fdca1ce159e7f02b450a94bf88d1a95c9fad810c3ae01
SHA512 e13309c76e824367ade6087b990fc5dfc4dfe2d7d2313d344d4aa067495c2d80c9ecd1d65353468dfbc85ba78a93575d53174735d91d01b4e5f71ab09a6a9815

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 b4884960ffd1d8d0d703b1a0678d1021
SHA1 5b65d80430d8340cb5ad787c8d93c8a36160a428
SHA256 501cd8292bdf8bf557fdf99340037fc4f3a182d32633d272bb4b71d9630e4c4e
SHA512 f15518949192cd41fd474d2e71536793e50cd54f6a32c77f1dd01e7f6e60218e5c5243820e5aefe6c1f40c85ab4ed73edcd395c1b1023b5b13cf4d519ecd0ff9

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping848_1083356494\manifest.json

MD5 2188c7ec4e86e29013803d6b85b0d5bb
SHA1 5a9b4a91c63e0013f661dfc472edb01385d0e3ce
SHA256 ac47cc331bb96271da2140941926a8accc6cb7599a6f3c17bd31c78f46709a62
SHA512 37c21eaff24a54c2c7571e480ff4f349267e4404111508f241f54a41542ce06bcde4c830c6e195fc48d1bf831ed1fe78da361d1e43416cfd6c02afa8188af656

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Subresource Filter\Unindexed Rules\10.34.0.57\LICENSE

MD5 aad9405766b20014ab3beb08b99536de
SHA1 486a379bdfeecdc99ed3f4617f35ae65babe9d47
SHA256 ed0f972d56566a96fb2f128a7b58091dfbf32dc365b975bc9318c9701677f44d
SHA512 bd9bf257306fdaff3f1e3e1fccb1f0d6a3181d436035124bd4953679d1af2cd5b4cc053b0e2ef17745ae44ae919cd8fd9663fbc0cd9ed36607e9b2472c206852

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Subresource Filter\Unindexed Rules\10.34.0.57\Filtering Rules

MD5 d7c9c6d2e1d9ae242d68a8316f41198c
SHA1 8d2ddccc88a10468e5bffad1bd377be82d053357
SHA256 f215127185b2ee6b01e12b6ca75d3e5c4e454598dd4aed36124ae13d59afd547
SHA512 7fd14824e9200dd99e1fd2cee402656dc0cfc3d0a60058c5eb05c68e9e65b7f0b47e550fb4d6c2b59eba204dbf3ef9e69dc9723b43a9b3ccd5412d6b77715fc3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 72e12c9c68f78b319098b3fbc5280e87
SHA1 1e6c4dc049e5a2ade46675d4864a6f20d8efbae8
SHA256 a5d0971b0fbd550acc56fc726ecc5795cdcb0f915a45111fc7cadbccff6adc2b
SHA512 829ce41f2b620e52f3d864d00cda3cec1cb9c1ee3bae82244709b49a021f9a22d20418c106b117cffdcaa8cc29bfe82ab58342c5e0c4bc511183e69f151abe6e

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity

MD5 2c176c157ff7929b0ea318bcef7a96f4
SHA1 20281a7323fd6eaef5b048b963b66206a7250f52
SHA256 488e0d21b64ca95f3d80245874d2b8316892f278e7d1c13e3daf0da878dd1760
SHA512 f0932649eb8ad2293bd791d8d8cf50ea26ffe875ca47946aa11d243e1e1aafcb848e6b07dbdb407449566b38cb1ab9c0c31b9b52cf32e062493bc50c313e8c07

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ef7c677d363a564632959e1ec7f14d97
SHA1 50a8fa051fe96af1a78d7e3e7beafe32ec462ba4
SHA256 b815e0b3886c53a93b3269ee2bd72212fcf54b877488d25abd5e12be6d396d37
SHA512 9b4450e5eb5f4629bc81e95c9212df8108742a8bb92cd8728e753ccd0f005ec4f1dd00684b287910ed1ca2659404156db86072bc0a9854dc3d2f6a9a725b02b7

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity

MD5 c91c6d4b845f52eba44a327852698375
SHA1 16a9d4ff63b636580fdf9c9d2c4ddbbe0cecd2a1
SHA256 65bd52569968e0ae498511e26086fc8d45639aa096ddde7b1248e9c9797ada40
SHA512 ec19246ff5ed8fd93d89f0bd9952b2fd8f3f355647bb7088318939238c145b4eeac3ce3f25e697a1422bafdf5359c88298f2ddb05b791550649dd39be1ef7515

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\Network Persistent State

MD5 9764366ecc1837bcb3044a58652e7c90
SHA1 11aaffe5372353c23f03f33de39c82c45b8104f9
SHA256 dc26ae125f0d300a3851371e43493ed413b2e420822e3c4078f8ced502ea0e74
SHA512 c5ff33a2125fcd58e2b6aa5ddf86b525262306f013f22eada90ffdc1ce329299cae4c48edb3e5bfe663186fb4aa371d36ff654d16ed6342c0b4397146e63c7a5

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Local State

MD5 4aae098c5aa1550ea3220ac59a62e516
SHA1 cff107c1d9c756d7a1588730481477dfc2d39644
SHA256 81175eb792b3206c4bc552a3be9445264ace893feb32c481a3f298fe40cc7fb9
SHA512 8b5d6589bfb6f6ce1c9d03aa744c682ee41f0346d17591a1c8b4bde26c6f2b0add960af788f31b717b58e8620d1dfc7a8a39adf6b3d76c75108f5d974d71c2f1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 782b679b901aa41dbe7333014fa3f885
SHA1 5d29e098fac090499e2726d242c3b57626a7f4ef
SHA256 1f28c9ce2505273a7d6bd9ffa6ed8cde41d0e70b9cfd46c86e5d5c4170ae5176
SHA512 290a72d79c2dbca32b32558f3bea2557566c602519796ceefd8ae421a727dc445ced558288a2c452a9985f442e3a2c25d946f70efbe07a67193de20a586be271

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 151f6fe581f16567eaee76ba9b202039
SHA1 5754a1d8ce35d4c1f1f3d4aff067fbc187cd4472
SHA256 ec125ad8f05b54bcffc03e0878ba58135c6a080774dc359e36954432ef806639
SHA512 d3e88a0c847f678682047d936f780f61f180a5b52770597b4df907bc44dca875e1db4c339f470ef8cfee629f81c6973af0118ded30f1ec34e8a9cf7569c4c9ee

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity

MD5 5acca8a2cee67a52b815f567bb100e6d
SHA1 b4bdcd27b41152a7481118ae6618e22ace9172a5
SHA256 cac39e0a75baf339674e330cd11c7062bcf92fed76b66e437060efb8b660faad
SHA512 da2c20ed68a5887ab2fd65b4dd91f3eda2284da1de8a7f86919c3b6f15c7fe26834799ac981e0ab64bf27330feca6c3b63fd349f72448bf6266ea74ac6b4aa9d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f0

MD5 b7a34c4483d67a268f3846a5c759a00c
SHA1 76ad135f169710cfadcc71cf6fdda6ad27290d75
SHA256 f40d158b80257287f0bb3647f690bf5db982a85a262cb4fab2edb276cf646881
SHA512 d9ec2a84cf7b4606eea1c9e15ac3a58d4bc6572451bc6c59f7aab4d73cd0947dbf3abddcca903529f99cf2fb53e109e2545fce4e92e79d5d76c2ac9496f59de1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000151

MD5 e579aca9a74ae76669750d8879e16bf3
SHA1 0b8f462b46ec2b2dbaa728bea79d611411bae752
SHA256 6e51c7866705bf0098febfaf05cf4652f96e69ac806c837bfb1199b6e21e6aaf
SHA512 df22f1dff74631bc14433499d1f61609de71e425410067fd08ec193d100b70d98672228906081c309a06bcba03c097ace885240a3ce71e0da4fdb8a022fc9640

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 fd0d419d35cd486b107a457d4d9b39af
SHA1 852347befdcbeaae2e1c90fcc4347c6f96061328
SHA256 fc161bfe6546a7ad5dd40979bd4eb54c4500ad3be82910b5c64e049927891a6a
SHA512 b468410a404917f7d048d96ac8c72b7ddd4c4c198f24c5be3ffc969197063e5d5e0c8f8cbf91abee01a9210265e5cac0ab4e756cbeb4cec1f10a1ff0c568a84c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 123fc0879381d4311e4a3d3a944220fe
SHA1 7453b14a8acbd92fd50210d4364d6602ddc60131
SHA256 801d38e7e32b7d815c23633701f8bada4885ce1149d01832f31e45d972334c78
SHA512 ba3e791cae7b5a67cb6ca0ccbddc3f6aa683ceb76093fb96ff7a2538a2c8a5c3b43cbd83cc620b1e4d24ca7d1e8f43d8e0cf1eac47b210120e0e1a803ed0a8fd

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity

MD5 39e356e2774c77efe73c365db4a3a0bb
SHA1 a9e1733b0f7ad7945cd31df86aab77c72420c55b
SHA256 97de988b923784ca41aaae17f2a1695576555a2c226d72515f3bc292925e3c86
SHA512 2404bf4c6bf23777055bc346dec639aebcc29bbdf82b1c8741dc6bbfb510379053a50c1ad5c0a45be3e892a5ee734f927ce50a7ad0c4e283edde82e381926768

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 7a39b9f76cbb29b10672cda4f9af1688
SHA1 59ef57586a07fdaa921781d88be607dcda864d25
SHA256 f0b34485efc10978491b27b7fd7c0d1b164141df7e48db4965e2fb2482890c4d
SHA512 0b5ffdc6b386542e3915f50ca4b3f963455bfd334c7497a40205baa0085de8ed30bf162a25b84ef55e9886f04173fab73ca1353630367490b7dba0963a7392b2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 1469e1f40b1c7126b4684b3fe30f7514
SHA1 05bde30b38ca84c36156ce4380ed1827b3224893
SHA256 3ecacc9f0dc8e5873fbe2dc0f272c77017f7889c2c7e7541a022eb67b6c57d14
SHA512 f914f47321792344102ba0dbd2e72c096e0220c1dd686a6e23577a33ccea5ac9b4e6bb9980694eb1fe93aa76175e15514b5012d38e843007eb9c3011affc92ca

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity

MD5 5c8ca9d65d910e6c5e04cc461d067b97
SHA1 28b51ba8fda48eaaf0e1febf73d84579baf2f05c
SHA256 0a70c27d97144377a0939a38bc19e4f1311f3f35d2b708d9b1ae2ceb771644d7
SHA512 46304e0ff9092138f22b1613a471b7185544a1d4c217bfefec82d7b048472f643df1e6236e84f79f25ce0feb5b185ba55beaff7b914fc03585817c8749c9d8f7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e13c66bad58850b0d22f848bf2e58871
SHA1 d00c0222f38aab9f6f9a7c3cf02a7b4d6d1c8d4c
SHA256 d098c2414d173d8440a758714bb28f63c164ab963221f19f45382cbb99c54f32
SHA512 d101c85733a608564e9116b209a648859c225d4f4f6b8613676ae9166146f91a6352142309a72b3c2f0fecd3e902f2140e5af1d3f8b08da0001bad398524cc60

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ed

MD5 e28df69ea0da355ca94300019a817506
SHA1 d810626a8f00c4220bd28d9b3faf5d06a230e76e
SHA256 6528cf07dd18aade90938cf69275f5a95c2b9336759244207eec50380c621828
SHA512 dbb7f46532c864f4ea9077d9e423d32ceb84c27b2ee3d9e3f0d05b2dae88dd64acfd23b7a794317dad79deb2849f639866a593dea47501cb1a1203849766325c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ee

MD5 8da6d11aa802833875eccc8d1fdb04f5
SHA1 d572549d3d0b888f0e5d668e5c55ae6e4a0fa7e2
SHA256 8fb214c8d218de0adc9176995788a9865a82a38af9377be4c136fb7d464c3951
SHA512 f57d4fd0d82d0e384253454b64f5c572096a849a572712b6aab57e4df0dbc0139e7e39c8f06d897799e05f28fd041d7eec79600b9cf2907ca52ffddd933b93bf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ec

MD5 973e6d40dff90cae7490668199df9a53
SHA1 c0d53515eeb3f8a12738c038c404bc1e4d8e96d8
SHA256 76396a3e3c21d41ae78a1fb8c539f0b4685e2491bd222d1cee157f24836300d3
SHA512 52849cf980427287e95d4ec8bccacd43c28e8a48df0f72b0a4551636f879d1bd24b41b039f017f796ed1ec84215910ce5c74dadb36b8e9a53ae3d233cf3d43b3

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity

MD5 0c3797d3f2687ef049c1217b2774a9bb
SHA1 d798a21c397d092e95a6271354cd5b1b560503c8
SHA256 465655d9ceab9623052f6d7c6593551d2c6717952a3b3a12cc3aa43a2a358c9e
SHA512 6f2a21c9dc71cf5d29cf6e4bdafe8ead589ad609662f42c22049d5884ac55a8148f0e88f77c516c37280ac16fab3f5aef9c729192af7fa8ce6131fe6074eeb5a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 25260ad6693a6627299cbfbdd67a1329
SHA1 766535425b2e8be88ac4c5d03155b5f3a2438052
SHA256 77f7031d8559c4ab73794a561dda3da4e422231912542c20580cb34075d44086
SHA512 cc4e4fb8fec10398156d9c92c730a2c3cd4124110b69d62dc4aa58cee101aac732a965dcc42c55e1e6a734c6eecd70982137a8d01556df5c38c3f9fd5b1a5367

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Local State

MD5 b577a6b7411a056d6a4dd8c6dfbf1955
SHA1 ed34c4f6f062bff609d03945f9c1340560e7779d
SHA256 d939c855dc49a445604bc7db1038368bd59d2e5b997e6b02f62f066c21bc7190
SHA512 3ca16b9e52b8a1c4127d647e67f3461885d528cee258b4395a7ac91882312863d297e9f493e9bcedd36874afc69b7943c57f2443e5412b9441172f5036422f23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 4dae599852d8becf4226e3716dc630fd
SHA1 ed01711d4787690748665b393c21a520b43d33ef
SHA256 6160bee59f06da6d0c93510c1b5992b08644a2ad641b74da43004fabaa94d812
SHA512 7d4edd64aa18cdf7f17b785dee93a519191729f04fc4f4db764df1a51fb75c10a1365a08a69535191df95642655f8d901469638bf326922f01d92076b561a696

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity

MD5 3d9b516453a36391cbea5d34d7b8a044
SHA1 f882a9805a9d62f5cd3110d418b6b9e04ebb66cf
SHA256 638b856db286c328798b539cdee6efb3f779772d6d37b13985f940e3cd625cbe
SHA512 4538eb21c05e0a99a22d5250f650c61e4b7f4074f9c176c651650aef9a9d264bc26b707ec519bae9654d8066c344460af8579d89832d2774619c207a184efd43

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 9f9e253b8dcf726fec5db3f591a02b9e
SHA1 3d2135f29429f165488eaaaa9e1519a72c3b3148
SHA256 3d525ada9b9daefcfc50f4e7bd95a46d24a02fc2b630747b4658ecb5d7ccd082
SHA512 e4709ef8534fd41bfebd8357f2ac5aa88a9c51d2fe1f583bbfbd10801099c63801a4129db962dd3b4065e195637509c21c994535ab578acc3832a62cae275e5f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 719f88c4c247c551e8e4337bed980a5e
SHA1 59c6f802942ca4c041f3173cb5a9041f24470f79
SHA256 c386cf2348c18ec6142d96cab16c7e1545bfc0db8210bef0aed003b4815f179b
SHA512 8c6a24fcfeea0c40afe01c22a6b99dbab46fbcec2428ae8dd66c6d6c8e9b243dcc1216e6b995bb8a93861feada7bebe8c3086f5ab357813112d3099dbf203904

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 98b9bde87fa0f4f180d14f3bb53a5572
SHA1 3de5dfe3551790d5af4ab89f9c0908db56dec58b
SHA256 c531b55b9aac13acd9605ea3fe534b590ae5b83beb3556b412405f6362d436e3
SHA512 0dbae634303bc1977a34fbeb45b1c50ba2798ed2328a75c86190493c4e04cc44a8967394be4bf4739426d3612e9082a1d36095f78bc12c4cd802b1c88ef4ff11

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 71d6a4b41e0918221d03ed91caa0a00e
SHA1 4fdcc0aaaf0a3f9a4713fb40e0ac225290d0e065
SHA256 3a14490aaa9d1b6da5742e4fa7374c439ea11efd39386c4f936db67f75488812
SHA512 65d5e8e2a7edca0cdefb8355217fa836ec8724deedd91f1aa3c834e35e2db4ed629c0bdb0e9e32f73995bb5c666b196d307b99e1fb2148afd78cf6d7bde5d937

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity

MD5 569fd0fa7a01ec127514985971702c18
SHA1 00d858fb810c1d67223f19cec731b9c22b723b02
SHA256 d263fb451a9b7548707794b02dd8b44ba553d7352eed633327a18e036f483fa2
SHA512 7a36bff4ee002754b55b46d51676ae8640aa9401a1596c42f100173720e39bb0dbf8c8085e351e7f41fa4f1221e0bee62e3bea02418ba80105e32df6c10cbf2f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 b8de9ab957ceffbd8fc01eb2383c0bcf
SHA1 8b204158dc92555c59f18c2938ae24f5dbaf4c02
SHA256 ff67b8de9ff778d47fb3a5d4958dc61c58ab2219ea4fd00bdf76c1d938057b47
SHA512 be3afe3f369c106b1434b73905d88884ffc416f3126623fffb07799018baac977a3f8ba0876d283265f33777a4cd4671b002356774852258211364c92d140ebf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 3d958e44bb0ffabdb41d9b1519c69d23
SHA1 1bf9321471aea6a6a4c280089800efa297c4a60f
SHA256 33a8ff418189c2baac04a3180f4b833382d190d3ba6fa465866d7a225fcb3c51
SHA512 9a890fb65e78a09f12a9fd28f5f2d4e656edf87634fd2001eb9a97130a7e4f58627dbed655b49974b1cb20d15c3a6ff7251b8fe4e9db3a6758b4dc71ca6bab05

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.195.35\MicrosoftEdgeUpdateSetup_X86_1.3.195.35.exe

MD5 dc1543edd0dcd56536304bdf56ef93f1
SHA1 1a8b2c7791f2faa1eb0a98478edee1c45847075c
SHA256 ccbb3d9a4877999a55b2ca6b8128481e91c4b56780f581226f916c0fb2db0772
SHA512 2a6b4aa39bc3e4d234909077d5c6d75b9968c1778d505cc12431afd7aebd01eb65ed2f6f0c53c67f18eed7e97b67a93bab8c44574e3918ccd5cfcd8681767056

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity

MD5 2d428005a76e582d194c369959bbc304
SHA1 7c35dbc62487e3d031eb5a70be84ee477863b8c8
SHA256 817e836c5501d7fdf6cadcdaca1707d0efa8aa97b27bc2cd24bd42f376f182d3
SHA512 ca74256f0a1673360025d80a6063c6a3b26f7f33eb88569a0880b99689959d14226904ef7a94cb315649c548c31b83d4f31511c4a25b7c63326039a51b58ff5e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 29bdf20506b9f2edaeec2ce7aa194f2f
SHA1 832fc77598a25ee8f3e0fc459a3189cf821e6a49
SHA256 6a447ec7ef970db34c226aa61bcb3b7dd66feefcd8ca5fb37ec3cbe8cc634675
SHA512 dffbaaf00419c63f0a822105e111718648ff5e2affbb096a5094abf47a052e33e9643a8d301c9ee9fc7b9f3b834caac40f832d55180e657edb4c6767fe499e8b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e55f0a6d1b533c66_0

MD5 6bc078cca159410ea544ab921d3de7cf
SHA1 592b52c6b7e90c4208656b62130e4c61a406d440
SHA256 d8d1eb3baa0e2348173b8f6dc3f0da5567796fc6e0cdd2171014212f68d826ca
SHA512 7781ace40ed6fcb1ad7e63fffc39167d8e978064f55a55311abb52fc0aa2a1211989d16c4f3a54ed52112b745502b9524e130bca489f2a0a22a8601f6c93bec7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ac910649cabb8df4b19bbfd989fba849
SHA1 0a88c249c61a2543f55758920526b6bd2eb78c54
SHA256 d0707f04c1ce4b7a50fb4e84c87fc648889dde0a2c0b2e737de9bade8aa1d58b
SHA512 145e4492c69d70c5f416fb4306c8d2c92e9f68970ecd1f0881484758fba57219930b108f5a30446dd59ad54a573c79dfd57349a78c3fbb63cba87a065c85333d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7a66a1246c4f29f4_0

MD5 ef78e0e003609bc3fa481c7c33670ee7
SHA1 1697c47ef409f2c554d2a4235a08217943448ddd
SHA256 89878fa340b725ef3449480b92dfe1a233decce7160f385609bb49b70a14517d
SHA512 4c777b5c7788d40936c2a6dfc3d286d4c1dc61bd728f8a961b1e27b2b391775ccb32fefdb3e109b4ebe0f2f88bd31c11d4f19fced8617431a8c23bfe83764975

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0d841345b724567c_0

MD5 9aa8ba3747e096934245a068aab86998
SHA1 483f6cb7b81532410b0b7ca459254d89fbfc7fbd
SHA256 dcefebf5504904c6e76f67329d7ae82f905a09652e356144b3a080896d913131
SHA512 3340f8e1bf6b47ba36197502052cd628cdd248abdd9516aae0a8ff98f783350332775c39a158e0bd40af6f40a98510900319c8beef9708fcca8edc5dcc3c85bb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 3a5e587b1f858ef2f5b49815d70fe4e0
SHA1 21015f04186682d76664e62118c8380a0aa14785
SHA256 f9c57821e0f9323cccdbcfad94ed67dc0270410cf974047fa0cd10c98dbf94d3
SHA512 1b1cb189f8993b18fda6b048964c4820457b77e732474b5f44d3d1ea170966cd79d1bc510d60703a6b37852332b531e0bc2440f1b08673d1d590f2babbde8ce4

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity

MD5 53415e5b22cd80bc7a6d1fdeeceee18c
SHA1 757bf251c4d54c063d3b3615f30c411555d23938
SHA256 79203c489bb8beec6fd296548ea243c88674a5ff5148a20e3d4430381c1839bf
SHA512 8920d638fd31dc0aa7bc480a3c102b089f636d061711243169e9f59453b065d07548fac9773f9fe619498f3a96da46e7349aaafd3490faf3075f002e6e1b71d3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 7724f68717247045e65f369fba479ce8
SHA1 87975a0ecd44dd389f1ca6ecc1ced83a3d6c0c7c
SHA256 538265a5205cfad8de82a694e24aeeef2916626f94141244e640381792a3fcca
SHA512 bad62c66128080beca2e02b84aa21e2d0110acaceebbbfb7b7713f6faa091218d9d3584bfe8dc118dc6339b1a0c29b1ef83607fd445caa68fc6cd609c0f64f0a

C:\Users\Admin\Downloads\Unconfirmed 78078.crdownload

MD5 3ed6024213496613d1881c71abb03d00
SHA1 83bd095b53b81b11ab44a9b4b73ffb7d2750b989
SHA256 56a3bc1c037fc18536914143d057dae1064499529ec59532eca83a50a0e97894
SHA512 404f0f56aed2f7053562d75ad49a71470905a7339045cec719b5bcb16811cef157ca55cbb5172ac194997bedcd1e604fc24555451dc08f90de0dd50a2f3c907f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 029b769edfe24fa0a8398be641a4fe03
SHA1 f0816df503a1de16feca296e5cb6a9b4203e70c1
SHA256 7fbfbd78f742f739ffd852dafee94879a9679937324a5985fda234c0d0cd4a9e
SHA512 dd80cb3e3e3820cd09e03afa5b8ba13534fb42b83fcaff494ce56944572c38751fd5d76bd083ef6efdd0af2b147ac19244cf3cf3f7dfc66a324d0ba34f65f232

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 b3ee2459f69185ebe7aa89cd38dc53af
SHA1 b54499d24322814002806c9cbe0c3f6e19af3a65
SHA256 442af14ac040df0e5df466de2b52f53c4f3ce3e357a7541ec51bff38909eddd6
SHA512 0d1e212c238cd6adf72414f5849c932380e309f7aebc103a9a864dafa61f744ce791136fa8cede0c6d878002684876c80c3c6921e95ab85aa0fdc1e5522cb620

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity

MD5 73ac3d427384e873b22f513f79c2bdfa
SHA1 0b9943c21aebd079a4df768c9bf585dbf0013967
SHA256 af977c2a45db4e802613771b371a0f718c31d48625832eb957f4fe7bf756cabc
SHA512 66c709bd8ecf7678ff5d6a37f15a1deb70480248da29c3209d34bacf2ce469157f53bd95af2aea64c915d5e4108118b0edad1e8d86e03a9ced9eb79934b2e8c3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c467fcb2ca066741dc079a9d949450a9
SHA1 f7d9a93834fa799e193badde5a2dc19b43586aed
SHA256 d2849642f945fa4ba9caae7ceb8d3fa5a4f807e20ef480096720e06057328ee1
SHA512 479e8998e20d55af61838cf10493c8f48e5de4bf614668d06a67bd29f5631cb662271a6711382826bc1634fc6984ef0538e573bf496ae4dfb2d10a4dc09dea1e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 085bfc5e3029cb1b82a7a3f584d0c2a9
SHA1 27e3d9d69e7bbef05b9df81673ebc055a8c04791
SHA256 85231e88ab61f4368b1b41b04f45e830c4013f6e376727ed58a58bd225126b63
SHA512 a9533d67f4037b49c80e5c7eedbf1b17d1aef32dd6e73e6ce7679104654a05053e2a73190543eb59c00ec575ec622bcff153d24a312c152101f8e1bc3b005bbc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 7c125212f5302227f46427caa4081e65
SHA1 90079b56be10783832f0071ab5b1c22cb8fc5f30
SHA256 a825806e93998dfa27f850cf6c5ba6da675e46fc46784be860ed041ab8837001
SHA512 f951ef42be61f6c456ac1f32b6f5f9c3ad378ec278168297402a8cb6dd8d7b51385d1a9b90c9d56eb7c435771eaa10839c1826fc7171349198d4fd37828ec08a

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity

MD5 dec3e043424d9a691886acb432cc4e95
SHA1 927c894f64d7ed6f0a9c096d60f02a92cd97ecda
SHA256 578e7f8b0a14d85e825988dbe20f88acb924f9bf463ff3f8b58a9cc96ffff002
SHA512 29210487fb7bed0dc57ac7f4071c8b3cb5492d929a92995c43805e136fa18e7003a25aa8ae8a623902dd94608c361cdeb57a5b672bde51d33582d6624f0b83ad

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d719dd2b4c2647fa50101ff92580012c
SHA1 4059e70ff1cab5f0ede5655a6e143578f8fd40d3
SHA256 453d9bdd31911f85bada9d6c9262a0143ddfcc9eadd34cb82328126ff23b5a2c
SHA512 77d43a120b03e907d9aa438f5e4ca9ebf6267363c374be024472d57c956b8d8888414823939a5c9c28251af31cbf35fc0793625d2185c0b461f9f64bfb472758

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ac7752c1408f767c_0

MD5 6b2311d784340ff4ddb6e01fbf0511dd
SHA1 d44c87a4ff72cd90318983c39532f14876aa58d6
SHA256 3cfb3c90c56103bbadd0c632cf47eb111209e70ff9799d53c97a6e8ec9e4b05b
SHA512 fce48025d22c7d43d303c2fd92703144be3f14a969fa136bb0bda0ac977e41fb1fd0fc2f16cd6460341d357f8840a1d80212b42612c2bbb11f43e8943beb46bd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b1597446ebc8d040_0

MD5 9f2bde9b26f955061a954e3e0b1eeb28
SHA1 77ac01e1ab695e355475217a793f6c590d840630
SHA256 b7e6eeff0cd8e5891816fc720f3fc7171b004d2c9e23d92b58e7b66cd4d1e973
SHA512 247fa57ac5ddb489db352981547e9a550175cb977c06626ead172ca594ed35fe9f7a6c0cb99f064731465283c3c7c1001d4130d3631545026c6175990d4b7975

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\dfe07f2c15075c28_0

MD5 e41373690d68d4ff5876fd9d0adb83cb
SHA1 84417ffa9ec3ea6f69511ecb3bd9b260dcef5f20
SHA256 618156ba42af67120828451c6612f703add790645442d2a6af0afd528ffc8880
SHA512 01eb81f3e2020cabab6dd94f66af7d95d57d5bff76cd3bea41453c8597b457ff997d063f58943c4bd02b6c0490b1226baccd58c9cef10b385a981ea3468445b8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\580fd9376c2d4a3e_0

MD5 a789e43dbcf5ed57463c0691fac3a67f
SHA1 1ed9512cfbee8bdd126106e8b1b5ac0b4b2123a3
SHA256 821550f7560f8423f32df31d907c821373bea580688afb79becff95df0abed1d
SHA512 c4015b44c446b7aeff75e4240d72277e646991f3a4e888489090d7c605963df7b9947a4192bfbc1490baddee103e5bf613c85ddd9a5693e6b6fb9424e25018e3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ec30e8c350025533_0

MD5 4ffbbfcbd9aac2f6d0bb7d8ab05059e5
SHA1 8546952bd220e5f6e87232f3a6d67fbda043a993
SHA256 0630235467dfcb2a1dae5ff6c31dd72b4474a6d8decf87ec69b82a7273249478
SHA512 643cc43a14f4a3eed4f522614aceffb1889bd94e88c5652514fb996d632cee3738b195cf6b04f43529cf0e29ddd8f07ac167cdca1811f0b72d1105f96ee2502d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\605167868572c6c4_0

MD5 4ec450c2fc4add5a7b024ba8304b5214
SHA1 4ab3fabe1b50e24937f06106debe81bf090582a3
SHA256 e709bc50ebfa352c6611d70fde89d487084c781750bffa8c8a12f587a3fa4094
SHA512 596e24738b95e9f87e76cff90354a4500a4756a05f3ed4d9fd120377e7ca5a062819653c0efa9c60e91124b85c488fe754b34eb07ae1dc32bb5ab9db24f8e3b6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\45a16ff6d0d9ab5f_0

MD5 335df04289b684af43cf2789d76ba6a4
SHA1 a657c0a28cb9dcf801c0625d7760882e92abdfed
SHA256 839caa7d8558cb5513b6b83cde7d86de590df06f87bef34fce4a1d0a709e882d
SHA512 e675f418c04b6d4bd8314bff332b3baec704a410595021045dc31ead3715a0ccb249b4180e52b7e4396e8d16b5471a251b21519707cbf2467eeb34e7c37c2be3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\74b88724f60b0383_0

MD5 6a45a26e4398d19a5886f4585dd75080
SHA1 d1566dafff3dc3b86cab5136b462914a9a300a0b
SHA256 4a4e16a944f40e165de861c5e7731fa8dca263f68d39e04e23816773fa0d2f9c
SHA512 77d15170a29398b943d272e294a10731ef34f0322e9e0c717e19e979c3b3ef579f4ee36f4b5c48c4f445a3e307764f9a7cc2c0a7d96a723f74ee1c071d2e2300

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d7a29efad91a1117_0

MD5 1a4a7191d4c8d3a8f6706c3225f6bde8
SHA1 80249740c932421e4cbd569b4d07e182e59c7b65
SHA256 ff605ce6d299d1ae3f5ec500638a2a6e96ed51de36a7a77d7b22c2b44ab79475
SHA512 57a45db01e0bb553f6d5ccd6a7e5a0da5647d995fc5bf7591ceff73674958c88543d93219d0df442f0d306bca5a6e5b0e145fb2cbc17d1148d817c3129ef6792

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8ee73a31bd0cce7d_0

MD5 6ce1e021ce9b86c2ab310d6a0946ebfc
SHA1 18e32a36f6b614787439c03de0a28874dacbd2af
SHA256 adb1ecf1ee3ba22d694be3b130d7afb14cda7a545d91b76ace6b6945bff81124
SHA512 51d84d47dcc9055f4b09c5c622a3c2bd2f0d1dbaa242ff3b6edfdcae0cf8deaa0b05e46aba6bdbae7ce6867a5e04b6078a3db79a7cd39d682e3f910eaa1a0422

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6e1427d19ff38087_0

MD5 f95e34c16ba1a052c96fe766add609cd
SHA1 820b544fa78e18467147a303fa96c4ad8b8d7406
SHA256 160b8a2d6ba141fe75daeb6f37365d2c45bf7094bbc47bddcbb57da45deb1755
SHA512 d7a11d793dc57cd274f4b04718c19eff95ff209d891aed628576a1c8aef7f97da882304fbad5a3d30c4928c9260a4de6f9f2094cf1f82e27db7f458b40493030

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5d0c04f9998369cd_0

MD5 0dd2df7a7efe9b05a3f856b7503658d0
SHA1 e208770e23b6125d6047a83607c39ab1017e9abe
SHA256 b6db265ef6b3d55baf66d31cb6360241362492aafaf393f06f3028260526cb1b
SHA512 3fa84a3e3717c91d44f1381530b24d6b4965135613919355d4e2d23879e82953c41ba2c606f867376af84ddbf3009f57df0cae0b8f54d4ae12d85c40155ffc8c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\25c90b4fb1c6ef85_0

MD5 fc45d95e02d78bbd1b616aaf0c9b4d08
SHA1 6f6be3ac2fffe37ff5c4ef3e20e7c5ddaef78371
SHA256 247291f105de7e3bc5fe2c27e8925bc1c054437ad1e6742234bf21a14681ada7
SHA512 1234239f34dd503cde862d4ac01fbb2649771acdf3bf775135e2a6afed9202f99d345c4db1a9dab4700a6ae1b99f06baf1ef73a2a3ba6ee870ffd04dd889e38b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\83d6d3a772bbc707_0

MD5 585db47d9906d29a0dd3aa1b060d314a
SHA1 7a5957c50750347e0f1abcffd93fc45f92ec9636
SHA256 2e5be9b85c25af606117af6cadd1df5c80d2def2e055ed109263394b1702680d
SHA512 475c3832f522429214fba64438e49d392a4f6900514addf8030719c40de147e1d155f05c9d69bf7246866fafe0f2806a40cc78d68b7e24d785b315c393dcffdc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f2e4bbad99a372cc_0

MD5 fa052e023b2aba3dd55cb5bca28a1e00
SHA1 ea0e49bff76a63d58166437b45548c8d0bac3af8
SHA256 a9314448ca4f47ef2fa6e3a3939dc908524c0bbbd62be45cde86adc21693f012
SHA512 ca6d10dced4816bb134f710a3f911f6f464e46b811c0ce3eb47bd30586bc348732843829447d676ef880adf7319f2b647aa98236d2b730c17eaff2a256542006

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a09f6271ad0c4092_0

MD5 8ebf4f9ba3b982a33d2ed3e65fed8cce
SHA1 6332a013ff5a19f2cf209a09437514be613dc6be
SHA256 a3c5d8c1d85398dafa2444983d6f18d848a048af3ac5bfb6c5c43fd19c7f00b0
SHA512 5d81e2ac8f78aed1095e1b73c49636cf56f2eb2c04b7fe8e7456d03487f731925ce177856333267e92fa40b08f567f6e5a426f5b187b79be3ce4153be0238623

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\19ea0c5a06faa07e_0

MD5 1ee046dd5fbe357b9aec737686d6af1e
SHA1 11763c8e4ecbc9408274d879ac86a723e7463fcf
SHA256 2ffa09751d76c0e39081b1b7f39521520d1fb6a6d5d2cb7d5d25a7e08d5944ff
SHA512 34c734ccb83f02f98e93e84db0182afaaaa5a83a600a74b5e3beb27d2608815e48b543e4cfd96595f8a1f8bcf039d1a0878a4352dbb7cdc3123ac3989da53785

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d3dbb3008455b523_0

MD5 c30f6672d7ab49a2f604a8f9d7ba412c
SHA1 10208b4753c2565092f08cff288bcee7167b91bc
SHA256 bdc17881f97251c66c1f3b6133dbfd490c33e387ef8c0ac49854fb925f3277af
SHA512 0f9dd0abd38a6c91d1aad73822779d0830724545898f082ec2a80f1b079e65010a83a6386922a6f0d8e743284c5e0b05eb2ee6cffcbeea6dd9753fa4f8fff1be

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a267b7c21d8b8c9c_0

MD5 ced430cd778a80f4f5347b9a785bba02
SHA1 46a55198e319356101570be155a5b5925134189d
SHA256 7e9a047d739f03dc1aefdb03004c6fcaff67d6c400ca15d81356bb7ea92031eb
SHA512 8c5890412c020e9763d2ab20892ac5e6ecaef3bd0698cb33d7a208927c17e7c5f5133d8901a3e267d6da09971a8127d16fda3081aa1f587eb0767fe5c56003a5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5dd1e579c9681f95_0

MD5 1c7344dad902e00d22eeb39345068ab7
SHA1 7a8ed0e59832d283827b744305dab1361e3fa0b3
SHA256 c1a6d0d60528e8406144bc40ebea0f0c5d0a21046f99998241d72645d2682cc0
SHA512 f5590991ee44c2db9caa94a2d1d0e1c84e42493129c734727305b05e8d76811cddbaa4a8f162437261dabe6a31965d4b0469fc146e97c5427d314dbf631d70e8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b3e82669a81c981d_0

MD5 d982ee27bdef994af2908eef3c43d7d1
SHA1 dbfc063447db12252f51ecafc54ce4fee8caaf23
SHA256 7955e0fbe28bcab9f0f8a9a1e8848285ecc399ea914065cef0969f358d1366e9
SHA512 130d0fa1a567b8ce0d619dff18553767876342804a581d9816345d1c51da4b58fc99497dd49eef1fd69ee779d452810f3dbaca49d06881dc70a178ec5f403db7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9dbb949d27873cbc_0

MD5 af97a25df209aeb3b11a5a8857549873
SHA1 44226043039f347fa501fbb904c24c57a619280e
SHA256 2874d9320cddfb0c7b284b9b5e5b14080fffbb462f0e36a64c87984f917d0c07
SHA512 baeb35777bdfe054b02a97a7b77150b293db539404885ebdd12708b29815c2a783b27dc6357eb31fa398057f14a189c19eb2268aa39f09875d3605e102b9a098

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e4f85019800026a2_0

MD5 d47f0812853d44fb444264df0621ce82
SHA1 2eca0a1c6309a18c11a8a813783b166f38d218a6
SHA256 dbe77d8cafb443792f0a4730cbcc14758dd53e16291ffe879615e177e965f007
SHA512 874147ccac5f2d52ae30c6c0bcaa594c6ae2e502793ef2312d51db80ac0510e52e35224ccdebaa0afad9a4b7b3eb4ecccabd0f335357a7541e714b0b34b3947e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aa5fe3b36e22e31b_0

MD5 434022bda45c04e2fea8f5df8d94ace9
SHA1 a39d9602b62945bc4530ee61ef9b7198927b9907
SHA256 e16f7930248b936143a3873a77104b484f9851b2894c3d697f9ffbecc9169712
SHA512 a3b1e5932cb870d53e86eff45c09aaf1df00e8499d05bbeeab7eda4f4b73e66ff430851099745868881149c6024093e306cc0d4d81a9b790081d724e08f34704

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6d3b0ad57bdf7db9_0

MD5 76be4c6caa77dedcb910fab23e3f7dbb
SHA1 7392f96f41f4171ad1f4f49ecb23a4979d2919e4
SHA256 6e231d778571fb6a34370a90291f9b3872e86fe06989cd1d2d8cec3997da9f9f
SHA512 c983afc60e68cda35d5b90ec0c23ddad37787a9cfd9612b90674a31497ec01cdfddc7f68cb879fcd9a970499264fdac9bd8198f9c03c5945bd273292e36086a9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\daea348421cbc209_0

MD5 53c9392a769bc3be282f4bfbfe057bea
SHA1 842939b3773c85bcba4f44b320f112f725e7e0eb
SHA256 c8650328cd031d2c3e14771c3e7b6da661c9e06dc247ab230217aa48631df4ac
SHA512 913da458daa73429858135a30dd84859178c96ba1c3a8367154307fb3db257823dc1a7b078457cba8d055c8c266ddb9fa68b266e3464eea727dc4d8abc0ba97d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6a26de030ab5c02f_0

MD5 5c8487c0dbbb47429f76a056f9618fb3
SHA1 63d3e2d60192eec5291d53a8554f505b7ae76545
SHA256 dbfb1b9eda427833e6dedd8457c1faea86b35b8beb92a0f56e9a97ea9afb23ef
SHA512 8178809ede2f2ea858da2c76bb2e155b9fb843ce19ca6012c4e97b6916bfacd2445bc25aedbebd7c87308c902f7a56a1375ea0a54129183611566a8cac3cb5f4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c55f45683fc2f5ab_0

MD5 0b02508db1b387aedeadeea3c2a6ecaf
SHA1 0312356c566b2b4aa3a3d54c6b5bc064abcdd2a8
SHA256 611e20278ed5df66081b4f6672b3b1c1463f0c58660dfb9852a5fdb3d46078dc
SHA512 a1f7c69c26e2bc58b9210126bc01be5f1d1823f93d9c070ca89a3d14c08272d749bb61daf13796da9c25df75c50da9282dbd049f133b3e0f2cb302e9e78bd312

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7899d2b49a9daab3_0

MD5 7adb19e0f0d6309b8faaa875e9824edb
SHA1 77153ec7a2eac6642f2b73715fa213fea6edc80a
SHA256 8431cb8263534b44d534c45c1b96e2ad5146b7955f60f5c9c08bfdd1da0ec05d
SHA512 709c4e8da18246ef17e5e65a111f2393b59bb74509757dda0286ee0d3370defc8f7760b21a30ddd7e782090200de5d487dcfbad07c4f20df941fbf179ba8552e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\46d8591239c0d052_0

MD5 d6eba23f773360179458848953959739
SHA1 eca7006f3023924401a1b916b5a37eb6fdb3be4d
SHA256 de422867f63076e949d629799ce1716dadec7ffe0dc96d110c23df88c6486637
SHA512 91226ce52b2b302bd239e8006e890424ae1856762c3f02a32ebcbf11bf51c279252d8a982e1d8d1742de2c78aae6e5ddc7e8f7a2890a19e0f882276480674a4d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\14ff8116b518ca2d_0

MD5 bf7fdee5092d1de1c59fcf59de8fe42c
SHA1 ccd6e9dc9a28f80e344f9bace98ced33acb1caa0
SHA256 201e94fdadee9e73cfb8ff48ff5d9d0ed5104dc857fb3db0a0aa2679b5acb7c4
SHA512 cfc6cb9a97a680dcea04d231e83c62a6b920f6e84278ff26cde18ac6b62a82489dd0f048ae2e6995aeaf0a24331a17aa135c70247549d255a3bd4496df8a0d1a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9a267665648440b9_0

MD5 6b93e319b9334b80924fa146b06db684
SHA1 cd15834039b906122461170d62455c3f54640829
SHA256 9d28b35425154f48e7030d2f26fad9507d59950d02e15fd722cece91a8af40d8
SHA512 b9a7112c28ea2042781266305c166669e9a66401df6b58fa8b61e5508ef4e835ebbf3a747158bc841af1144e0278eb7948e1e1a4c9fa36104cb24c360bf198f0

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity

MD5 70cbc4ec4beb39f74817e23961eac8ba
SHA1 7b9088d97e37ac89e6e046d684232d4d15b84a70
SHA256 b4b20febb31e169fb4591ba0ae09c23004a32b9f83345a27065fc20dcea493d2
SHA512 f4a2369ef8263a3a48fb03c32cefd8d8f4af726a27eafe55f563580506eac199c6161ddf7ff82672aef0bd022cff3a2a7f59e9f17d30fe541d1360a22fc55c71

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\53ac5abc87e80789_0

MD5 1bfd5a31fb0a8f5712dac5a1e6379f6c
SHA1 ae53afc5dece4dc2d1851c1846aa8a5e9dc79c47
SHA256 2da22424a38a577135798b890db789d84380a5c3e3b451d722962d32086cf493
SHA512 4c659d0aa98b961d63da24ef1a84c59f2521b4c9b791eacffe0ad0d473d0666aec08e960d8d06d3ae417e642b95482147c9708ad65cf6207d127002d4f37871c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9412c8b664751f90_0

MD5 b47fbeb2eb5e2a075fc655e39192c468
SHA1 35c90c19e8f5459c7c3f30654a1a387522f65df1
SHA256 9e22bd324c1daa56f88320374f6d01b0305dc7fd320d4472d3832e4560e60896
SHA512 2197ebbbb31e855ac7505e9ed3b903929450d65e82101e42329cdeeea8863f9eb362169f741de97b7633d6542100b9d8d7bdfbf3ddcec02efebc16ea94ac177b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0bbe00d9bf7b798e_0

MD5 55cb505e87e93f7d9a2e5bb07628b1dc
SHA1 0c62692989be6a2feb7df548d5bd70633d7700a4
SHA256 d0f23377a127c43bb0788bfcf9ce4859f0f8461bcd3d0678e87aab9a0458f268
SHA512 cb57fd8d4b68d27f4a82c436bc1b3c11bf85478a304b9e09dcaa43ec57789cef09a4ea1fc8b1b0c530bf9e8b12d059344aa8753eeb519230b640ce61eb25a047

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5a994fe24b451732_0

MD5 f220d777a5ef1c21a3eda3cd3319addd
SHA1 2158b6e8f04f6c7ea632cb10fadc724ce1cd91aa
SHA256 e9643a89376212720323717c67d2e55cd50151dfb622ff402d0a9c75c42ebf4d
SHA512 d08dbbfc7a3e7182eb49dacc8b88ab896078502df30a187490c3043a32b9beb8c82da7f98f541da6a0f6e231f5073bd7fa79dc8e0740654cedf9dc7830006cde

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f9f54d7f2e6cf0b1_0

MD5 b2c0c55ba1d9fd36a2464490835b884f
SHA1 85f284afb63dc594bdf6168781d4191c4b8e8f02
SHA256 bc97e6dac6f0138f4bd287a5259809058f48de1709d94ca616eefd1f7b0cbf4c
SHA512 86a06bb9743ee18a56e421ba202aebf8feca56e0d58f9326a3a570612e112d67e2ef00eabad6077638e6ae5685e317e06e0359e81487a0dc016feb730638ddc5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e8b908eeebdd740d0f129071e1711097
SHA1 6e1c888f1412f38ff1167b055c2fecf0cff2eee2
SHA256 8f63574dece7eedb2a6a13669d88d40e2d1206e96902d6bf4d4d48117cdf032f
SHA512 466d39e1294853553011d121e9beb545f7b9326fbfbbf01ac065929e6f243190089e600f87c0988f0248e6d45e55ab75d5f380ca5de4faae9f576409a19eff8f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 888ce3f0e1eb36d17f49182ec3152b9c
SHA1 0c7491f7d393e3eb2dbc031132cdda133de855da
SHA256 dd5e6ac5fddd40ccf783b92a5298e9239f5a45c0edb5be46e4c6b2d83f1f716c
SHA512 1730156652898794dac09709b9e1b45072191bb7eb8143e8009a3da72a4dd07b3cb9a1661aa2d20701ec586e4dc8211bd5be8c64561e3c532f557387b396fee6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000186

MD5 9a36e47b062c2a7cc98b2c7c60423338
SHA1 a981b814d5b10e4dc0ab86fff926c960f19d756f
SHA256 cd85f4762e736ff87d7184e4a146149df68c9b646be1841aab202e55ccad499e
SHA512 8e4f25e2e4af4a3317e94eb97c580008ac622ba7110f3716e09a15647793921912ce57436c31dd48578185b6cd00edb975a49a21d1684420b07cb98c0f2902ed

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 9bf89ed50e3cd02cec7d5f8c7b2ae878
SHA1 c3fdf69545131e4e284e68c04f834348af7c1068
SHA256 9b7db621f45547a6943e7c330c1f73dff978bbb5ad22a1156503d5aa74eb8c90
SHA512 ef00c9cb57ab1c00316323cca05bb377d7cb8c1c4d77351d9695ab12bec91559a613d3646459c99f944465e385bd629708fe5c2c7806194225d115c11a51406b

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity

MD5 7783e6158eda024c839b4072666c25f8
SHA1 c30cd2c2ad07a4e23dad0cb93fd0eef65632715c
SHA256 eb7b99f0347d36691d8c5146e8122cf5ab1b1653b83d3e4a808ff94d388e6838
SHA512 be990bde8f0724bfe7f147a61324d3aff23a0e2001806cd50fcb4aea368b8f2a4ea7238e861601795de8698c37c1a8ddb7bd7d9b6836a969962715b48700583b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 0cbe947257ce3c5e2ffadedbad2ec3ef
SHA1 5e5a60115273bcf4aac9f61180440234ef9a1040
SHA256 d9e6b8f2ae1c2b594c4e1e813c6c65839c5defcc9f9eb1c20ecdd89114588b7e
SHA512 b2deb8d715da41ef9b622d3a0d030689861da15bd32a66cc0a310e3fdfb1936fdcf0a12128ddfc8ad15ba6b02b2b08f986a9e1fc99204cfc5ace4a49dde66643

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 90da9795b2898335ff1cdc29ef260e3e
SHA1 5ab8dcdf3502162b44d315686ff0f6dcb7f14a41
SHA256 124eabb90d5d5db9e635f26dcd4f04d380820249929a03fd48276370f2d57e3f
SHA512 8bf6fa167529c4dca5459f275cf7fe43d0ac8c24e20386c015984e9399d0b3ca4c5d6e8920819e6670d23a6be2aa14243d6172acb15cd04ff58906b88b85cb95

C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Default\Network\TransportSecurity

MD5 6c7d3441d7bdd0246dd6fc1c660ab5a7
SHA1 75a08c34a4dfa4ba4a3d80c13bd57f329caf13e9
SHA256 cb5e3f71798d8f807bbb29491eb1c235124357461bfebe07869e6a7ba6ee5174
SHA512 107ab661b6660cbe2e76b06a035ff2e53de38888330dca2c1b24e33db17498e7a80425e5d58765ee5274bee28f3653755a83d612c906be208d8ba404dbf6382e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 cd9ac63840a1fe6be64bdf54fe48713d
SHA1 f521245720cf60771dd3d5a5567cd6f8470b9d00
SHA256 1c61dfde0c5beaac3ec52a4ee645dd5697ad2ed6de7719efbc92dd4e884348bf
SHA512 389fd8b02a1c34d37d7e9ce2777bb5e8e69051e89e930a98f9d6b69b76c15e1cdfda79fd89942f2ac1449135c5e2635f1dcade22e0717c2bfd87bca1be176156

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 1f08081779664eac4c5a5632da344728
SHA1 0e0f45131a311c9a64812e30da8f388f96da5965
SHA256 0d852009a34646355cae3f0197e331fb6a0e2970ad14b8eb7a3939db011af3ec
SHA512 0cb2c03c4df20332b2bc0937bae8bad5dc60b58312684a4522f352d02cebde6592268ec5c581b8f0168f7ecc7ce04c3bbfdbf23b5c4597314d7b94250a9491ab